
{ Author Archives }

A Tale of Access Control and Config File Backups

Location: A security area with access control. Two pentesters need to get (legitimate) access to the area, which requires three things: An authorisation token, your signature, and your identity card. The token is ready, the paper sheet signed and… access is granted. Wait, what about the identity card? The friendly security guard is stumped.
“Well, the [...]


17th DFN-CERT Workshop 09.-10. Feb.

Another year has passed and it’s time again for the annual DFN-CERT workshop. It’s taking place for the 17th time, and this year, Lutz will talk about emulation-based unpacking of runtime-packed malware in his (German) talk
“Emulationsbasiertes Entpacken von laufzeitgepackten Schadprogrammen und darüber hinaus”
He’ll show you his project “Pandora’s Bochs”, based on the popular [...]


Scanning JBoss AS for open Invokers

Apparently, the guys at Acunetix were tired of examining their JBoss Application Servers manually for vulnerabilities. In their Web Vulnerability Scanner from Version 6.5 build 20091215 on, they integrated various checks for the stuff from our JBoss paper.
To give you a little reminder: Always check for

http://www.example.com/jmx-console
http://www.example.com/web-console
http://www.example.com/web-console/Invoker
http://www.example.com/invoker/JMXInvokerServlet

and any open JBoss Remoting / RMI ports. See the [...]


New Advisories: Multiple Vulnerabilities in Geo++(R) GNCASTER

RedTeam Pentesting published three new advisories today. During a pentest, we found security vulnerabilities in the Geo++(R) GNCASTER NTRIP Caster:

RT-SA-2010-001: Insecure handling of long URLs
RT-SA-2010-002: Insecure handling of NMEA-data
RT-SA-2010-003: Faulty implementation of HTTP Digest Authentication

All vulnerabilities have been fixed by the vendor in version 1.4.0.8, so if you happen to run this software, please update [...]


Shady Work

“So, you hack companies and then tell them that you found security vulnerabilities? And afterwards they hire you to show them what is wrong?”
This is one of the questions you get asked surprisingly often when you explain to people what you do for a living (and the answer is no: we don’t proactively hack companies [...]


TLS Renegotiation Vulnerability: Proof of Concept Code Released

As promised, the TLS Renegotiation vulnerability Python PoC is now publicly available on our websites:
http://www.redteam-pentesting.de/publications/tls-renegotiation
RedTeam wishes you all a Merry Christmas. Be sure not to use the code for something naughty, Santa will know ;).


JBoss Paper: English version released

We finally got around to translating and releasing the 27+ pages of our JBoss paper (see also this post). That was quite some work; the first versions of my translations always read like a one-to-one translation from German. Then I read it again and correct those horribly sounding sentences to what I hope is [...]


English Paper about Man-in-the-Middle Attacks against chipTAN Online

The English version of the paper we released yesterday is now also online, title: “Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System”:
http://www.redteam-pentesting.de/en/publications/MitM-chipTAN-comfort
Have fun.


Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System

As promised, we have released information about the attacks we developed against chipTAN comfort today. Have a look at our website:
http://www.redteam-pentesting.de/de/publications/MitM-chipTAN-comfort
You’ll find our press release (in German) and a paper (also in German) there, giving you all the details about the three attacks we came up with. I’m sorry that I didn’t get the [...]


RedTeam@TV: Dangerous Online Banking

RedTeam is on TV again:
Sunday, 22. November 2009, SAT1 Planetopia: Gefährliches Onlinebanking (Dangerous Online Banking)
Online banking is still a hot topic, with all the new systems cropping up after the traditional PIN/TAN and the more recent PIN/iTAN (indexed TAN) systems.
We already showed in 2005 that Man-in-the-Middle attacks on iTAN-based systems are possible and predicted that [...]
