Depending on the time spent in IT, most professionals have seen an instance of two where developers based their implementations on specific quirks and other non-standard behaviors, a well-known example is greylisting, another oft-used but less-known one is Wi-Fi band steering. In all these cases, the solution works within a...
2015-10-02 — 3 minute readIntroduction Web application penetration testing is a well researched area with proven tools and methodologies. Still, new techniques and interesting scenarios come up all the time that create new challenges even after a hundred projects. In this case study we start with a relatively simple blind SQL injection situation and...
2015-09-17 — 5 minute readIntroduction This week a Polish bank was breached through its online banking interface. According to the reports the attacker stole 250.000 USD and now uses the personal information of 80.000 customers to blackmail the bank. Allegedly the attacker exploited a remote code execution vulnerability in the online banking application to...
2015-06-19 — 5 minute readMD5 is known to be broken for more than a decade now. Practical attacks have been shown since 2006, and public collision generator tools are also available since that time. The dangers of the developed collision attacks were demonstrated by academia and white-hat hackers too, but in case of the...
2015-06-10 — 3 minute readSANS Institute accepted my GWAPT Gold Paper about testing Oracle Forms applications, the paper is now published in the Reading Room. Forms is a typical example of proprietary technology that back in the day might have looked a good idea from business perspective but years later causes serious headaches on...
2015-05-27 — 1 minute readToday we release the details of CVE-2014-3440, a remote code execution vulnerability in Symantec Critical System Protection. You can get the detailed advisory on the following link: CVE-2014-3440 – Symantec Critical System Protection Remote Code Execution We reported the vulnerability with the help of Beyond Security, Symantec fixed the vulnerability...
2015-05-07 — 3 minute readIntro Last year we decided to expand our pentest team, and we figured that offering a hands-on challenge would be a good filter for possible candidates, since we’ve accumulated quite a bit of experience from organizing wargames and CTF at various events. We provided an isolated network with three hosts...
2015-04-03 — 9 minute readRenewal paper of my GIAC Penetration Tester certification: http://www.giac.org/paper/gpen/6684/aix-penetration-testers/125890 Enjoy!
2015-01-09 — 1 minute read