HackDig : Dig high-quality web security articles for hackers

DameWare Vulnerability

In course of a recent research project, I had a look at SolarWinds DameWare, which is a commercial Remote Access Software product running on Windows Server. I identified a remote file download vulnerability in the download function for the client software that can be exploited remotely and unauthenticated and that allows to download arbitrary files from the
Publish At:2016-10-06 15:45 | Read:4471 | Comments:0 | Tags:Insecurity Security DameWare Disclosure SolarWinds Vulnerabi

Attacking BaseStations @Defcon24

Hello Guys, back from my vacation I’d like to give you some impressions about Defcon 24 and our talk “Attacking BaseStations”. Defcon itself had a couple of great talks but was a very crowded location. Anyhow, we had a couple of great discussions with the people before and after our talk. The talk “Attacking BaseStations” focus
Publish At:2016-09-21 10:20 | Read:3459 | Comments:0 | Tags:Conferences Insecurity Uncategorized 4G Defcon eNB eNodeB LT

Your Mouse Got Sick and You Don’t Know it. aka “Reverse Shell via Mouse”

Ever got a backdoor installed on your computer by your beloved mouse? Here’s the story of a poor mouse that got really, really sick. Agent “Danger Mouse” Do you remember the times where people put Teensy-boards and USB hubs in their mouses? [Chris? ;)] Their aim was to attach an additional Human Interface Device (HID, like keyboards or mous
Publish At:2016-07-30 02:50 | Read:5753 | Comments:0 | Tags:ERNW Insecurity Badge ftp gaming hid logitech maus mouse rev

New Ransomware-Wave Analysis

In the context of a customer project, we examined a new variant of the Locky ransomware. As in the meantime stated by a law enforcement agency, this has been part of a large wave of attacks hitting various enterprises in the night from Tuesday (2016-07-26) to Wednesday. As an initial attack vector, the attackers use emails with an attachment that probably ev
Publish At:2016-07-28 14:20 | Read:3999 | Comments:0 | Tags:Insecurity Security Uncategorized analysis Digital Forensics

Notes on Hijacking GSM/GPRS Connections

As shown in previous blogposts we regularly work with GSM/GPRS basestations for testing devices with cellular uplinks or to simply run a private network during TROOPERS. Here the core difference between a random TROOPERS attendee and a device we want to hack is the will to join our network, or not! While at the conference we hand out own SIM cards which acce
Publish At:2016-07-17 22:05 | Read:4306 | Comments:0 | Tags:Insecurity Security Uncategorized cellular gprs gsm hardware

Gotta Catch ‘Em All! – WORLDWIDE! (or how to spoof GPS to cheat at Pokémon GO)

The moment, when your team leader asks you to cheat at Pokémon GO…everyone knows it, right? No? Well, I do
Publish At:2016-07-16 09:35 | Read:4058 | Comments:0 | Tags:ERNW Insecurity Tools dvb-t gps HackRF michael ossman pokemo

VoLTE Security Analysis, part 2

In our talk IMSEcure – Attacking VoLTE Brian and me presented some theoretical and practical attacks against IP Multimedia Subsystems (IMS). Some of the attacks already have been introduced in a former blogpost and Ahmad continued with a deeper analysis of the Flooding and targeted DoS scenario. But still, there are some open topics I’d like to c
Publish At:2016-06-24 07:20 | Read:5300 | Comments:0 | Tags:Conferences Insecurity LTE VoLTE

The ULIN Story

Some of you might have noticed the articles, or the leaked manual itself, about a tool called ULIN. ULIN is a “bleeding-edge spy tool” for mobile communication networks. According to the manual, it is aimed to be a surveillance software for agencies (or others with enough money) for tracking and intercepting the Voice Calls and SMS of arbitrary p
Publish At:2016-06-03 17:40 | Read:4782 | Comments:0 | Tags:Insecurity gsm ss7 surveillance

CVE-2016-1409 – IPv6 NDP DoS Vulnerability in Cisco Software

Dear readers, As you may have already noticed, Cisco released an urgent security advisory describing an IPv6 Neighbor Discovery DoS Vulnerability in several flavors of Cisco’s operating systems. Currently IOS-XR, XE and NX-OS are affected while ASA and “classic” IOS are under investigation. At first glance, it might look like yet another IPv6 DoS vulnerabili
Publish At:2016-05-30 22:25 | Read:5113 | Comments:0 | Tags:ERNW Insecurity Security IPv6 network Vulnerability

Breaking into and Reverse Engineering iOS Photo Vaults

 By Michael Allen @_Dark_Knight_Every sooften we hear stories of people losing their mobile phones, often withsensitive photos on them. Additionally, people may lend their phones to friendsonly to have those friends start going through their photos. For whateverreason, a lot of people store risqué pictures on their devices. Why they feelthe need to do
Publish At:2015-11-19 12:55 | Read:19995 | Comments:0 | Tags:encryption hacking insecurity iOS michael allen mobile apps

INTERNET-of-THREATS

By Cesar Cerrudo @cesarcerAt IOActive Labs, I have the privilege of being part of a great team with some of the world’s best hackers. I also have access to really cool research on different technologies that uncovers security problems affecting widely used hardware and software. This gives me a solid understanding of the state of security for many dif
Publish At:2014-08-12 01:40 | Read:3921 | Comments:0 | Tags:BYOD cesar cerrudo exploits hacking home automation insecuri

PCI DSS and Security Breaches

By Christian Moldes, Director of Compliance ServicesEvery time an organization suffers a security breach and cardholder data is compromised, people question the effectiveness of the Payment Card Industry Data Security Standard (PCI DSS). Blaming PCI DSS for the handful of companies that are breached every year shows a lack of understanding of the standard&#
Publish At:2014-08-12 01:40 | Read:3987 | Comments:0 | Tags:advanced persistent threats APT Christian Moldes compliance

Beware Your RSA Mobile App Download

By Gunter Ollmann, @gollmann It's been half a decade since Apple launched their iPhone campaign titled "There's an app for that". In the years following, the mobile app stores (from all the major players) have continued to blossom to the point that not only are there several thousand apps that help light your way (i.e. by keeping the flash running brig
Publish At:2014-08-12 01:40 | Read:6290 | Comments:0 | Tags:2014 data leakage gunter ollman hacking information leakage

Tools

Tag Cloud