Showing 33 results for: September 2012

Adding Anti-CSRF Support to Burp Suite Intruder

In the web application penetration testing industry, Burp Suite is considered a must-have tool – it includes an intercepting proxy, both active and passive web vulnerability scanners, crawler, session ID analysis tools and various other useful features, all under a...

Smart Phone + Mail Server = Location Tracking

My last two posts have touched on the privacy perspective in relation to mobile applications. This post continues on with that privacy theme, however looking at the smart phone itself and how the constant polling to a mail server can...

Update from Trustwave SpiderLabs EMEA

Europe, Middle East and Africa consists of around 120 countries depending on the definition of each territory. We don't have customers in all of those countries, but the number of countries that we do is growing rapidly year on year....

Trustwave SpiderLabs in Africa

Africa. The land of origin; the original unknown. A story of a young pentester, going south over Earth's second largest continent until it doesn't quite meet the sea again - sun beaten Johannesburg, South Africa. Keeping him company is a...

Announcing the availability of ModSecurity extension for Nginx

ModSecurity for Nginx is a web server plug-in for the Nginx web server platform. This module was created through a collaboration between Trustwave SpiderLabs Research, Microsoft Security Research Center (MSRC), Yandex and community members. With the addition...

FinSpy Mobile - Configuration and Insight

A couple of weeks ago, Citizen Lab announced the discovery of the mobile component to the previously discovered FinFisher Toolkit (Reference Here). In this reveal, they talk about the many mobile variants, and a number of components included in each....

Guidance for firms using the NetAccess N-1000

SpiderLabs' Incident Response team has recently seen credit card fraud involving the suspected compromise of 'drop in' transaction processing devices in the Asia Pacific region. Specifically, we have seen issues with the NetAccess N-1000 Transaction Concentrator, payment processing middleware...

Oops, I pwned your router - Part Two

In the last blog post, "Oops I pwned your router Part One", I talked about some of the poor security that went into the basic embedded router operating systems. In this post I will flesh out in more detail how one can go about reverse engineering these devices, what tools worked for me, and some of the results that I was able to get to. Hint: Having root on your hardware is good for me, bad for you.

Getting in with the Proxmark 3 and ProxBrute

As a member of the Physical Security team here at SpiderLabs, some of my job responsibilities include getting into a facility by any (non-destructive) means necessary. When a client has decided once and for all that they've trained their guards...

Hey, I just met you, and this is crazy, but here's my hashes, so hack me maybe?

Those familiar with password cracking know that KoreLogic's rule set for John the Ripper has become the de facto standard for password cracking. However, as with anything technology related, the rules are slightly starting to show their age, specifically with rules designed to take into account years. So, I decided to take on the task of making a few modifications to the rule set. This includes updating them to take into account the current and prior year, but also reworking some of the rules to eliminate some redundancy.

Analysing X-Cart Compromises

Recently I've found myself performing a lot of forensic examinations of X-Cart shopping carts. This isn't surprising: X-Cart is a very widely adopted and relatively low cost shopping cart platform. Its popularity makes it an attractive target for attackers because...

Wherever you come from, you can meet BeEF

This year I've been very busy in terms of conferences, and developing/coordinating new features for BeEF. The move to GitHub has been successful: we are receiving many pull requests from our users, and we encourage everyone to do it. If...

CVSS for Penetration Test Results (Part II: Attack Sequences)

CVSS needs to be extended to accommodate combinations of vulnerabilities. The current documentation explicitly states: "Vulnerability scoring should not take into account any interaction with other vulnerabilities." But interaction among vulnerabilities is crucial for understanding the implication of particular vulnerabilities...

JSON Hijacking Demystified

JavaScript Object Notation (JSON) is a language and platform independent format for data interchange. JSON is in widespread use with a number of JSON parsers and libraries available for different languages. While some information is available for JSON hijacking this...