Unlike others, this blog is primarily used for rapidly getting ideas, concepts, research materials and solutions out to the public. We encourage feedback and good discussions.

Old-school Remote Command Exec Vulnerabilities on Avaya Intuity

This post is gonna be a quick one, since it’s nothing more than the result of me tidying up my pendrive files.

Remember those old remote command exec vulns where you had a CGI script such as a perl program which would take input from the client to construct command strings that would then be passed to the shell environment? Well, there were tons of those affecting diagnostic scripts available on the web interface of Avaya Intuity Audix LX. [...]

posted by pagvac

Skydive

What is the best way to spend a quiet, weekend afternoon? – Jump off a perfectly working plane while 10,000 feet in the air.

On the 5th of July 2009, the GNUCITIZEN team and friends came together to perform a skydiving gig. It has been two months since that day but memories are still as clear as yesterday.

posted by pdp

Free Web Application Security Testing Tool

Automated Web Application Security Testing tools are at the core of modern penetration testing practices. You cannot rely 100% on the results they produce without seriously considering their limitations. However, because these tools are so good at picking the low-hanging fruit by employing force and repetition, they still have a place in our arsenal of penetration testing equipment.

These tools are not unfamiliar to modern day penetration testers. [...]

posted by pdp

Of Sec Cons and Magstripe Gift Cards

I’ve been meaning to talk about CONFidence and EUSecWest for quite a while, but May was such an intense month for me that it hardly left me with any time for other things. I eventually got caught up with other matters, which resulted in me publishing this post about 2 months late.

I’ve been researching, pentesting, and preparing two different presentations which I gave at CONFidence in Krakow, and EUSecWest in London.

pdp has also been busy presenting at AusCERT2009. [...]

posted by pagvac

CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept

I couldn’t find any public PoC/exploit for this phpMyAdmin vulnerability, despite it being a serious bug affecting a popular open-source project.

I think this vulnerability is a nice reminder that it’s still possible to perform remote command execution these days without relying on SQL injection (i.e.: xp_cmdshell) or a memory corruption bug (i.e.: heap overflow).

All the documentation you need is in the script comments. [...]

posted by pagvac

Hacking Linksys IP Cameras (pt 5)

This article is a continuation of the following GNUCITIZEN articles: Hacking Linksys IP Cameras (pt 1), Hacking Linksys IP Cameras (pt 2), Hacking Linksys IP Cameras (pt 3), Hacking Linksys IP Cameras (pt 4).

Mounting the filesystem on your workstation

There are many ways to mount the camera’s filesystem using the firmware binary. In this post, we’ll explain one way to mount firmware version v1.00R24 which is the latest available for the WVC54GCA model. [...]

posted by pagvac

Breaking Into a Home With an iPhone

This is going to be one of these quick posts which just make you think what the information security landscape will be like in 5 years. Before I move on with my commentary, here is a video which is essential for you to watch.

Got the idea? No! Let me explain. What you see in the video above is an application for the iPhone which gives you detailed characteristics of properties (houses) in the USA. [...]

posted by pdp

Extensions at War

Two of the most popular Firefox extensions are at war, fighting for their own piece of land. More examples will follow.

Oh yes, the digital battlefield is taking unusual shapes. The latest manifestation of cyber warfare is a conflict between the Adblock Plus and the NoScript extensions. The story goes that NoScript used some JavaScript tactics and, of course, some obfuscations in order to cripple the Adblock Plus functionalities. [...]

posted by pdp

Exploit Sweatshop

When I was playing/introducing the partial disclosure practice a year and something ago, I did get contacted by numerous dodgy characters willing to buy yet undisclosed vulnerabilities for substantial amounts of money.

Of course, requests of that nature were kindly ignored. I couldn’t believe that someone was willing to give me so much money for something I virtually spent 2-3 hours maximum to produce. [...]

posted by pdp

Jeriko Group and Source Code Repository

With this post I would like to inform you that Jeriko moved into its own source code repository, which you will be able to find here. There is also a discussion group here, if you feel like using it.

The version inside the new code repository is very different from the version you’ve seen before. [...]

posted by pdp