An interview with TC’s cybersecurity reporter Kate Conger about the NSA hack, Instagram brings us concerts and sporting events, Casper now offers dog beds for delivery, Amazon has a curated store for Product Hunt’s featured items, and Univision buys Gawker. All this on Crunch Report.
Yesterday I read that there is a totally new release of nmap, the network mapping tool. I’ve blogged about Nmap before. Version 7 has attacks against Heartbleed, it has mature IPv6 support, faster scans on Windows and BSD systems. And it has 171 new scripts and 20 libraries (new since Nmap 6 though).
The release notes make mention of a script called oracle-brute-stealth, which can exploit the CVE-2012-3137 vulnerability, a weakness in Oracle’s O5LOGIN authentication scheme in a lot of 11g versions (except when protocol 12 is required). This vulnerability was fixed in the Critical Patch Update of October 2012.
I got all excited. But then I realized that oracle-brute-force has actually existed in this form since 2012. I’m going to test this out anyway, because it’s an interesting way to gain access to unpatched Oracle 11g databases.
It seems like a day doesn’t go by without an ESP8266 project here on Hackaday. There’s a good reason for that: the chip and associated modules have brought low-cost WiFi connectivity to the masses. Today we have [Stevica Kuharski], who has built an open WiFi access point detector using the ESP8266. To do this he’s using the Lua-compatible NodeMcu firmware. [Stevica] wrote his own Lua scripts to run on the ESP8266’s internal 32-bit microcontroller. The freewifi script scans and searches for open WiFi networks. If a network is detected, the user is informed via a blinking LED.
To make the project wearable, [Stevica] powered the project with a pair of CR2450 coin cell batteries. The ESP8266 is not known for being a particularly low power device, so we’re curious to see what sort of battery life [Stevica] gets with his project. The project source is already available on GitHub,
Just finished another frustrating day of consulting with an organization that is convinced technology is going to solve their problems. Have an opportunity? Throw money and computers at the opportunity. Have a technology answer to your process problems? Really?
The business world is changing. With cloud computing potentially eliminating the need for some current IT roles, such as physical server huggers…, information technology professionals, or more appropriately information and communications technology (ICT) professionals, need to rethink their roles within organizations.
Is it acceptable to simply be a technology specialist, or do ICT professionals also need to be an inherent part of the business process? Yes, a rhetorical question, and any negative answer is wrong. ICT professionals are rapidly being relieved of the burden of data centers, servers (physical servers), and a need to focus on ensuring local copies of MS Office are correctly installed, configured, and have the latest service…
Building secure systems is difficult. It would be nice if we had a bunch of well-designed crypto building blocks that we could assemble in all sorts of ways and be certain that they would, no matter what, yield a secure system overall. There are, in fact, folks working on such things at a theoretical level [Universal Composability].
But even if you had these building blocks, you would still have to use them in their intended way. A component can only be secure under certain well-defined circumstances, not for any use that happens to look similar.
One area of secure protocol development that seems to consistently yield poor design choices is the use of hash functions. What I’m going to say is not 100% correct, but it is on the conservative side of correct, so if you follow the rule, you (probably) can’t go wrong. You might be…
Hello again, fellows.
Today we’re using the preconfigured (see Part I) GNS3 to build our basic lab. Imagine the following scenario:
Your pentesting company got contracted by a small company to do a white/grey box pentest. This means you know everything about the present IT infrastructure and got all info on software patch levels and hardware used. And to safely mitigate possible downtimes or other unforeseen consequences of a full-blown pentest on the production network, network simulation comes in handy.
Also, if your pentesting company is contracted to do a black box pentest, a virtual network that is built on findings from the information gathering process can be used as a test environment before actually conducting the test on the real systems.
As for our pentest, we choose a mid-sized software company called Noob.net with the following network properties:
- Dual firewall DMZ with port forwarding
- Webserver & Services (Email, DNS, etc.)…