Week 10 In Review – 2016

Events Related

Tools

  • HTCAP – www.htcap.org
    htcap is a web application scanner able to crawl single page applications (SPAs) recursively by intercepting AJAX calls and DOM changes.

Techniques

  • repairing the hackrf – www.t4f.org
    The HackRF One uses two Avago MGA-81563 amplifiers. This chip amplifies the input signal by 14 dB. In the HackRF this chip is used as a power amplifier (PA) for transmitting and as a low noise amplifier (LNA) for receiving.

Vulnerabilities

  • Quick Analysis of a Recent MySQL Exploit – isc.sans.edu
    We had a MySQL honeypot getting hit hard with this “exploit” recently. I am enclosing the word “exploit” in quotes as the MySQL server was configured to allow logging in without a password.
  • OpenSSL Security Advisory – mta.openssl.org
    OpenSSL is disabling the SSLv2 protocol by default, as well as removing SSLv2 EXPORT ciphers.
  • The DROWN Attack – drownattack.com
    DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security.

Other News

  • U.S. Announces ‘Hack The Pentagon’ Bug Bounty Program – www.npr.org
    Announcing what it calls “the first cyber bug bounty program in the history of the federal government,” the Department of Defense says it’s inviting hackers to test the security of its Web pages and networks.
  • Why Your Security Tools Are Exposing You to Added Risks – darkreading.com
    Remember that there is no foundation of trust on any piece of software; think of each of them as a potential vector. Plan your incident response around this idea, maximize your advantages as a defender and become a hard target.
