May 22, 2013
The goal of this blog is to provide a simple process for testing common breakout scenarios related to applications published via Kiosks, Terminal Services, and Citirx using manual techniques and free tool kits. This should be useful to penetration testers and system administrators alike.
May 16, 2013
The process of patching a Java executable (.jar files) without the original source code has been known for a while. As I know of, currently there are two ways of doing it: Decompile the executable > Import …
April 22, 2013
File upload vulnerabilities and web shells are not a novelty when talking about web application security. It’s not rare to see a web shell result in a full compromise of the web server. For example, Metasploit can generate uploadable web …
April 15, 2013
Last week Karl Fosaaen described the various trials and tribulations we went through at a hardware level in building a dedicated GPU cracking server. This week I will be doing a complete walkthrough for installing all the software that we use on our box. This includes installing the operating system , AMD drivers, oclHashcat-plus, and John the Ripper with OpenCL support.
April 11, 2013
A question came up about a PCI audit that was performed for one of our customers. They just finished their PCI audit and passed. I am now working with them on a new software application and there is a vulnerability …
April 7, 2013
This winter, we decided to create our own dedicated GPU cracking solution to use for our assessments. It was quite the process, but we now have a fully functional hash cracking machine that tears through NTLMs at roughly 25 billion hashes per second (See below). While attempting to build this, we learned a lot about pushing the limits of consumer-grade hardware.
April 1, 2013
Many times during our mobile application penetration testing, we are finding the applications are vulnerable to man-in-the-middle attacks (MITM). Certificate pinning is one part of the answer to MITM attacks in a mobile application. For those who do not know …