Comments for RedTeam

Comment on Reading the fine manual by RedTeam : The Documentation Is Always Right. Right?

RedTeam : The Documentation Is Always Right. Right? — Mon, 22 Mar 2010 16:12:44 +0000

[...] wrote a similar blog post way back in 2006 titled “Reading the fine Manual”, where we saw that the PHP ereg*() functions are not binary safe. In that case however, the [...]

Comment on Rent a Hacker by RedTeam : Security Policy Gone Wrong

RedTeam : Security Policy Gone Wrong — Fri, 12 Mar 2010 15:43:35 +0000

[...] listed on our homepage, something you usually do not see with other companies. You may want to read this older blog post about pentesting as a me-too-business too, a topic also relevant when thinking about trust. Posted by phof on Friday, March 12, 2010, [...]

Comment on Scanning JBoss AS for open Invokers by Patrick Hof

Patrick Hof — Wed, 03 Feb 2010 09:48:50 +0000

BTW: If anyone of you owns a JBoss Community account, the english JBoss Wiki page at

http://community.jboss.org/wiki/SecureJboss

still links the German and not the English version of the paper. The English paper is at

http://www.redteam-pentesting.de/publications/2009-11-30-Whitepaper_Whos-the-JBoss-now_RedTeam-Pentesting_EN.pdf

Comment on SSL Man-in-the-Middle PoC to come by Week 51 in Review | Infosec Events

Week 51 in Review | Infosec Events — Mon, 28 Dec 2009 10:13:53 +0000

[...] SSL Man-in-the-Middle PoC to come – blogs.23.nu/RedTeam Red Team to release a SSL/TLS authentication man-in-the-middle attack [...]

Comment on SSL Man-in-the-Middle PoC to come by RedTeam : TLS Renegotiation Vulnerability: Proof of Concept Code Released

RedTeam : TLS Renegotiation Vulnerability: Proof of Concept Code Released — Mon, 21 Dec 2009 12:48:49 +0000

[...] As promised, the TLS Renegotiation vulnerability Python PoC is now publicly available on our websites: [...]

Comment on SSL Man-in-the-Middle PoC to come by Sn0rkY

Sn0rkY — Mon, 14 Dec 2009 21:11:25 +0000

Cool, I am eager to test it in a VoIP environment ;-)
Inform me when it will published…

Health & Happiness :-D
Sn0rkY

Comment on ATM weirdness by Logan Buchanan

Logan Buchanan — Wed, 02 Dec 2009 14:31:30 +0000

what one is write

Comment on JBoss Paper: English version released by Lutz Böhne

Lutz Böhne — Tue, 01 Dec 2009 09:09:39 +0000

Oh, sorry, next time I’ll insert TODOs for you :P

Comment on “Who’s the JBoss now?” Whitepaper released by RedTeam : JBoss Paper: English version released

RedTeam : JBoss Paper: English version released — Tue, 01 Dec 2009 08:50:35 +0000

[...] finally came around to translate and release the 27+ pages of our JBoss paper (see also this post). That was quite some work, the first versions of my translations always read like a one-to-one [...]

Comment on RedTeam@TV: Dangerous Online Banking by RedTeam : Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System

Mon, 23 Nov 2009 09:16:48 +0000

[...] As promised, we have released information about the attacks we developed against chipTAN comfort today. Have a look at our website: [...]

Comment on Security quote of the day by wlet

wlet — Mon, 12 Oct 2009 07:30:02 +0000

awesome :P…

Comment on Tidy up! Your web app looks like a hog house! by RedTeam : Why Teamwork Matters

RedTeam : Why Teamwork Matters — Tue, 15 Sep 2009 14:23:00 +0000

[...] have already mentioned in this blog post that there’s always standard stuff you have to do in a pentest. Finding all the standard [...]

Comment on New Advisory: 0wning with Gimp by bob

bob — Fri, 14 Aug 2009 16:19:17 +0000

HD, you have it backwards.
a.php.gif will not process as php.
a.gif.php will.

Comment on New Advisory: 0wning with Gimp by Daily Digs – 08.10.2009 « Security Stallions Blog

Daily Digs – 08.10.2009 « Security Stallions Blog — Tue, 11 Aug 2009 01:01:43 +0000

[...] I happened to post this one earlier in the day and it got quite a bit more attention than I had expected. The RedTeam blog has some Gimp pwnage fun that shows you how to embed some sneaky PHP in a GIF. That and @hdmoore pointed out to me some extra fun to go along with the ’sploit. Double whammy! [0wning with Gimp] [...]

Comment on New Advisory: 0wning with Gimp by HD

HD — Mon, 10 Aug 2009 15:29:05 +0000

Keep in mind apache will process the first extension in the file, not the last, so just checking for ending “.gif” doesn’t work if the file is called “exploit.php.gif” — the PHP extension is detected and the file is processed as PHP instead of GIF.

Comment on FrOSCon 2009 by Conference | FrOSCon 2009 | Conference calling

Conference | FrOSCon 2009 | Conference calling — Tue, 28 Jul 2009 17:26:16 +0000

[...] more: FrOSCon 2009 Tags: are-currently, Conference, excuse-the-lack, jboss, lack, please-excuse, post-more, program, [...]

Comment on DEFCON 17 CTF Qualifiers by Lexi

Lexi — Wed, 10 Jun 2009 13:55:21 +0000

Congrats :-)

Comment on Better be Safe by Lutz Böhne

Lutz Böhne — Mon, 25 May 2009 08:24:13 +0000

What you forgot to mention is that the next paragraph tells the user to happily click “Yes” to establish the connection and enter their username and password ;)

Comment on JBoss Talk at the RWTH Aachen University by Lexi

Lexi — Tue, 05 May 2009 06:57:08 +0000

Ich wuerde ja gerne kommen, aber der Vortrag ist mir etwas zu frueh :-/

Comment on 16th DFN Workshop by RedTeam : JBoss Talk at the RWTH Aachen University

RedTeam : JBoss Talk at the RWTH Aachen University — Mon, 04 May 2009 11:53:32 +0000

[...] Center for Computing and Communication of RWTH Aachen University. As we have more time than at the DFN CERT, we will be able to demonstrate all attacks live and generally go into a little bit more detail. [...]

Comment on EiPSI Opening by RedTeam : EiPSI 1st Anniversary

RedTeam : EiPSI 1st Anniversary — Mon, 27 Apr 2009 14:22:52 +0000

[...] the Protection of Systems and Information (EiPSI) celebrated its first anniversary last Friday. The opening in 2008 was already a very nice event, and I was looking forward to the announced talks for the [...]

Comment on CeBIT 2009 video by Jens

Jens — Mon, 23 Mar 2009 16:54:03 +0000

Notice: The talk ends at 23:42 ;-)

Comment on CeBIT 2009 by RedTeam » Blog Archive » CeBIT 2009 video

RedTeam » Blog Archive » CeBIT 2009 video — Mon, 23 Mar 2009 08:28:06 +0000

[...] mentioned here, the Linux Magazine streamed our talk at the CeBIT 2009 Open Source Forum. The video is now [...]

Comment on 16th DFN Workshop by RedTeam » Blog Archive » 16th DFN-CERT wrapup

RedTeam » Blog Archive » 16th DFN-CERT wrapup — Thu, 19 Mar 2009 15:36:36 +0000

[...] RedTeam Seeing your network from the attacker’s perspective « 16th DFN Workshop [...]

Comment on four in a row by RedTeam » Blog Archive » 16th DFN Workshop

RedTeam » Blog Archive » 16th DFN Workshop — Thu, 12 Mar 2009 11:09:44 +0000

[...] the enterprise and you – or – Who’s the JBoss now” which was already a success at the hack.lu 2008 last [...]

Comment on Frontal21 by RedTeam » Blog Archive » Never trust your Printer

RedTeam » Blog Archive » Never trust your Printer — Mon, 09 Mar 2009 14:14:16 +0000

[...] reminded me why we always tell our clients to treat their printers like servers, security-wise. Additionally, never trust a machine with a LIBDecisionImpl.cxx. Who knows if [...]

Comment on Flash and Parameter Passing by Cross Site Scripting » Blog Archive » Flash and Parameter Passing

Cross Site Scripting » Blog Archive » Flash and Parameter Passing — Wed, 04 Feb 2009 18:59:57 +0000

[...] This means Cross Site Scripting in your Flash movie: http://www.example.com/myapp.swf ?username=patrick &userdata=javascript:alert(’RedTeam’). By loading external data without verifying it first, you make yourself (or more precisely, …Read More [...]

Comment on Flash and Parameter Passing by Pages tagged "javascript"

Pages tagged "javascript" — Mon, 02 Feb 2009 18:35:46 +0000

[...] bookmarks tagged javascript Flash and Parameter Passing saved by 3 others ifon1stdate bookmarked on 02/02/09 | [...]