In the tiger team operations we have been involved with, I often end up hacking through the least interesting systems. If you ask AP, a password-cracking ninja and master of hacking through simplicity, the less interesting the system is, the higher the chances that it is insecure. A successful exploitation of these systems often leads to [...]
A couple of posts back I started a conversation on what OpenID is and why it could turn a bit insecure. You can read more about this over here, here and here. Today, I would like to draw your attention to why I believe that OpenID-based authentication is a lot more secure than [...]
Social Networks hacking - maybe not the most technical skill you can learn from the street but definitely the one that will prove to be extremely useful today and in the future.
I’ve started my quest on social networks hacking back in the days when they first came out and I sort of knew that they [...]
One of the fundamental rules, which you won't read about in any security book and can learn only through experience, is that everything is in symbiosis. This means that the security models of the individual components in a system are co-dependent. For example, the security of a server is dependent on the security of [...]
I am happy to inform you that I've been doing some work on our Google Hacking Database Tool lately. The tool is now pretty stable and it has a better-looking and a lot more intuitive interface. You can enjoy the tool right now from here, as it is entirely web-based.
The GNUCITIZEN’s GHDB project was [...]
If you are a n00b Google Hacker then I would recommend having a look at the Google Hacking for Penetration Testers Second Edition book or checking the cDc's GoolagScanner. If you want to learn some new tricks, follow me:
We know what Google Hacking is but have we explored the edges of the craft? I [...]
Over the course of the last couple of days, I've been heavily attacking various file upload facilities, including but not limited to embedded devices' configuration and firmware upload interfaces. Some of the setups I encountered were pretty secure, while others were quite easy to hack into. And this is how I came up with a technique [...]
WiFi networks are a necessary evil. In this post I would like to briefly highlight some ideas on the potential damage that can be introduced when attackers combine automated viral-like attacks with human power. This post is largely related to the WiFi worms topic that was quite present among all media outlets at the beginning [...]
What will happen if someone impersonates you on a social network? Will that person be able to fool your friends and as such gain access to resources which only you are entitled to? Or are social networks protected enough to guarantee the credibility of the social participants? I don't know, but join me in the brainstorming process in the following paragraphs.
A device that is vulnerable to this issue only performs an authentication check (i.e., is the password being submitted with the request via basic authentication?) when the request is performed using a certain HTTP method. For instance, most devices have a feature to back up the config file, which contains all the configuration settings including admin credentials.

