Showing 4 results for: 2017 ×Penetration Testing ×

Elephone P9000 Lock Screen Lockout Bypass

Brute force attacks against smartphones are not usually a viable attack vector. Manufacturers employ scaling lockouts that progress into longer and longer periods between attempts and, if the user is security conscious, the device may wipe after 10 attempts. However...

0-Day Alert: Your Humax WiFi Router Might Be In Danger

Over the years WiFi Routers have been notoriously susceptible to simple attacks. In early 2017, Trustwave SpiderLabs Researcher Simon Kenin identified 43 different models of Netgear Router to be vulnerable for Remote and Local Password Disclosure. More recently, in May...

Exploiting Privilege Escalation in Serv-U by SolarWinds

I was recently working on an external network penetration test where I identified a new vulnerability in a file sharing web application called Serv-U by SolarWinds. This vulnerability granted me administrative privileges to the Serv-U application, and, allowed for remote...