SpiderLabs Blog

The SpiderLabs Blog, attracting more than a half-million annual readers, is the security community’s go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

An Easy Introduction to Steganography

Some time ago, a person reached out to Trustwave to get answers regarding some news that he saw about Steganography. After this, I noticed that not many people understand what steganography is and the risks it presents for companies. In...

And Then? Where is the Risk with Steganography?

In the previous posts, "Steganography... what is that?" and "Steganalysis, the Counterpart of Steganography", I gave a quick introduction about what steganography and steganalysis are. I know it was full of mathematical terms so now it is time to explain...

Hanz Ostmaster’s revenge: An SSL Validation issue

Why would I title a blog post with the name 'Hanz Ostmaster'? Don't worry, it's not some new named vulnerability, but it turns out this name has some significance. Do you see it? It requires a bit of imagination -...

Digging in the Spam Folder

Introduction: Unlike spam that appears in my real-world mailbox, the numerous unwanted parcels that arrive continuously in my Gmail spam folder are a gold mine. Not because I'm being offered $1.5 million USD to help with a foreign currency deposit,...

Neutrino Exploit Kit – One Flash File to Rule Them All

There's been a bit of talk about the Neutrino exploit kit lately, most of it revolving around sites redirecting users to Neutrino. But Neutrino has also been through some interesting technological changes and now the landing page of Neutrino only...

How To Decrypt Ruby SSL Communications with Wireshark

Debugging a program that communicates with a remote endpoint usually involves analyzing the network communications. A common method is capturing the traffic using a packet analyzer tool such as tcpdump or Wireshark. However, this process can be tricky when the...

Cracking IKE Mission: Improbable (Part 3)

Introduction: As discussed in parts 1 and 2 of this series, the most common VPN endpoints (responders) found supporting Aggressive Mode negotiation are Cisco devices. However, they are also almost always supported by a second-factor authentication mechanism known as...

Capturing Ghosts: Using inotify to defeat an Android DRM system

Apart from our typical application penetration testing engagements, clients sometimes come to us looking to test the resiliency of various security mechanisms they want to apply to their applications. This was the case a few weeks ago when one of...

“Reversing” Non-Proxy Aware HTTPS Thick Clients w/ Burp

A little over a month ago, I published a Metasploit auxiliary module for brute-forcing Cisco ASDM logins that accompanied one of our TrustKeeper Scan Engine updates. Shortly afterwards, I received requests from a couple people to share how I was...

The Way of the Cryptologist

Right before DEF CON, a friend of mine reached out to me to ask if I would write a crypto challenge for his CTF. While it was a busy time for me, I didn't want to pass up the chance...

A Friday Afternoon Troubleshooting Ruby OpenSSL... it's a trap!

Last Friday I was trying out some new code that one of my colleagues wrote to help automate some of the work involved in releasing new versions of the TrustKeeper Scan engine. One of the many things the code did...

Corporate Passwords Part 1

With the vast amount of research and content that was done by SpiderLabs for the Global Security Report, it made it impractical to include all of the content that was written for this year's password study. But instead of letting...

CBC-R: It's not just for padding oracles!

This is the short, technical version of a technique that I'll be writing more about in a few days. This blog post is geared towards readers already familiar with current topics in cryptanalysis. In Rizzo and Duong's paper on practical...

CryptOMG Walkthrough - Challenge 2

For those of you that missed it last time, CryptOMG is a configurable CTF-style test bed that highlights flaws in cryptographic implementations. The application and installation instructions can be downloaded for free at the SpiderLabs Github. The challenge 1 walkthrough can be found here. The goal for the second challenge is to get the admin password. Unlike the first challenge, which told us there was probably a directory traversal flaw, this does not give us a very clear picture of the type of flaw we will be exploiting. After opening the application, we are presented with a login form and instructions telling us that we can log in with guest/guest. Taking a closer look at the URL parameters, we have a "ReturnUrl" parameter with 32 hex characters, in this case 82803ac0ee614d894128649a2eb31f03.

SpiderLabs Crypto Contest - Winner!

We have a winner! @TimoHirvonen Congratulations Timo! His gift will be a Trustwave Spiderlabs goodie package which includes a Trustwave cinchpack, the latest Spiderlabs tshirt, several stickers, a Throwing Star LAN Tap, and an exclusive Spiderlabs challenge coin. There were...

Defeating AES without a PhD

"Cryptography is typically bypassed, not penetrated." – Adi Shamir FAITH IN THE ARCANE When I tell a developer that I broke their cryptosystem, there's usually a pregnant pause in the conversation where they take it in, like a young child...

SpiderLabs Crypto Contest - Hints

This is a post for those attempting to solve the Crypto contest I introduced a couple weeks ago. There are quite a few people wracking their brains on it so I decided to give some hints. It's difficult to describe...

Hacking with Drain Cleaner – Yet Another BitLocker Bypass Technique

As hard-wired as any Application Specific Integrated Circuit, it seems the Infosec community can't go a week without some ruckus. This holiday it's Russian ElcomSoft and their Forensic DiskDecryptor tool. Yours for only $299! (or £300 if you read El...

Simple Ciphers, and a little SpiderLabs Crypto Contest

Millions have died and millions have been saved because of cryptography. There is no telling what the world would be like today if cryptography never existed. Would the Roman Empire have conquered as much as it did without being able...
