Nytro

Acelasi tip: http://www.theregister.co.uk/2015/12/17/press_backspace_28_times_to_own_any_grubby_linux_box/

Deci trimiti ceva pachete cu Destination unreachable / port unreachable si gata, crapa? In ce an suntem, '97?

In sfarsit a luat cineva si ultimul flag.

Te referi la cum sa executi comezi, flag-ul 9? Pe cele de dinainte le ai?

Trebuia sa mai stai Haideti, bagati ultimul flag ca e usor.

Salut, In cadrul Defcamp, SecureWorks a sustinut un concurs de tip CTF cu 10 challenges. Concursul este inca online (si va mai fi o perioada scurta). Pentru cei dornici sa exerseze, il puteti gasi aici: https://ariadne.def.camp/ Daca aveti intrebari, le puteti posta aici.

DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API. If you want to see what DeepViolet can do, use it from the command line in your scripts or use the graphical tool from the comfort of your desktop. Both tools can be used to scan HTTPS web servers to check server certificate trust chains, revocation status, check certificates for pending expiration, weak signing algorithms and much more. Some of the benefits and features for this tool is: Assess revocation status Certificates signed with weak signing algorithms Weak cipher suits on the web server Warn on certificates with approaching expiration View X.509 certificate metadata Easily visualize X.509 trust chains Explore trust chains, flag self-signed roots Information to support forensics You can read more and download this tool over here: https://github.com/spoofzu Sursa: http://www.sectechno.com/deepviolet-tool-for-introspection-of-ssltls-sessions/

Turn Your Vulnerabilities into Advantages SecuriTeam Secure Disclosure (SSD) provides the support you need to turn your experience uncovering security vulnerabilities into a highly paid career. SSD was designed by researchers for researchers and will give you the fast response and great support you need to make top dollar for your discoveries. SSD helps security researchers from all over the world to take the next step toward getting properly compensated for their efforts. We work with some of the brightest and most highly compensated people in the security industry and can help you advance your game - regardless of whether you are a beginner or have been discovering security issues for years. The process is simple; send us a brief description of a vulnerability you have discovered and Securiteam Secure Disclosure will act as your agent. With just a sentence or two description from you, we'll use our extensive contacts with vulnerability buyers to secure a list of potential purchasers. You then set a price for your vulnerability and we'll help negotiate a sale. SSD also ensures that the transaction is confidential or that you get full recognition, it's up to you. Your work is valuable and SSD will help you get the compensation you deserve. For more information, contact ssd[at]beyondsecurity.com Take a look at recently published work from SSD: https://blogs.securiteam.com/index.php/archives/category/securiteam-secure-disclosure More info: http://www.beyondsecurity.com/ssd.html

Va abateti de la subiect, creati un topic separat si se poate discuta in voie.

Buna idee, thanks! Si da, trebuie sa creez un nou thread, sa incerc sa nu crap procesul, in caz de fail la shellcode.

Shellcode Compiler Shellcode Compiler is a program that compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows. It is possible to call any Windows API function in a user-friendly way. Shellcode Compiler takes as input a source file and it uses it's own compiler to interpret the code and generate an assembly file which is assembled with NASM (http://www.nasm.us/). Shellcode compiler was released at DefCamp security conference in Romania, November 2016. Link: https://github.com/NytroRST/ShellcodeCompiler

Pentru cei pasionati de CTF-uri, va recomand la Defcamp: https://def.camp/hacking-village/#ariadnes-thread

E de la tine, baga-i benzina de calitate.

PHP 7 was released on 03 Dec 2015, and so many people have not yet started using or learning about the awesome features it has. I wrote this post to give a breakdown of the features released with PHP 7 for those that have not yet learnt about them and even if you know it, you might still learn something from this post. Rasmus Lerdorf(creator of PHP) claims that apps running PHP 7 performance is improved by 100% or more. Memory usage is lower also, so if you are running a lot of servers, PHP 7 is an essential upgrade. One of the big changes in PHP 7 is the refactored ZEND Engine(PHPNG) which is now faster, memory usage reduced and a “green” version of PHP which makes you run less hardware to run your code. Link: http://chikemgbemena.com/2016/10/29/php-7-in-depth-look/

Editia de anul acesta e undeva la mijloc. Mai exact, in SUA avem: 1. Blackhat - Comerciala, sponsori, bilete scumpe, prezentari "premium", adresata companiilor 2. Defcon - Prietenoasa, numar imens de participanti, pret foarte mic al biletelor, prezentari foarte bune, adresata tuturor Cred ca dupa acest an va trebui sa decizi incotro vrei sa mearga Defcamp-ul. Va fi dificil sa mergi in directia Blackhat, dat fiind faptul ca suntem in Romania. Hmm, exista insa posibilitatea sa fie undeva la mijloc si aceasta ar putea fi varianta castigatoare.

Pacat ca nu prea se mai posteaza lucruri utile O sa revin si eu dupa Defcamp.

Ma fut pe chat-ul vostru. Nu intereseaza pe nimeni ce se intampla acolo, e ca in jungla: va injurati, puneti poze cu shemale, va cacati, nu ne pasa. In schimb, vrem ca forumul sa fie curat. Deci fara discutii legate de chat pe forum.

Util, mie imi place http://www.ntcore.com/exsuite.php

Cateva job-uri selectate: SecureWorks jobs: Penetration Testing Specialist - Dell SecureWorks: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/penetration-testing-specialist-secureworks-91385 Vulnerability Specialist - Dell SecureWorks: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/vulnerability-specialist-85444 Linux System Administrator - Dell SecureWorks: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/linux-system-administrator-secureworks-89426 Application Support Engineer - SecureWorks: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/application-support-engineer-secureworks-95175 Information Security Risk Management Advisor - Dell SecureWorks: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/information-security-risk-management-advisor-dell-secureworks-95997 Data Loss Prevention Advisor - Dell SecureWorks: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/data-loss-prevention-advisor-secureworks-90261 Dell jobs: Technical Support Agent - English: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/technical-support-agent-english-95886 Software Development Expert - Java: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/java-developer-german-speaking-90046 Software Development Senior Specialist - .NET and Oracle: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/.net-senior-software-developer-internal-it-90723 Senior Database Admin: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/senior-database-admin-97106 Incident Management Advisor: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/incident-management-advisor-92485 All jobs: http://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/search/6283331

https://def.camp/speakers/ionut-popescu-3/

yUuuuuhuuuuuu <3

Prea simplu, mai fun pentru Chrome.

OWASP Bucharest AppSec Conference 2016 - October 6th

Microsoft previews Project Springfield, a cloud-based bug detector David Molnar, left, and Patrice Godefroid, right, are two of the key researchers behind Project Springfield. (Photography by Scott Eklund/Red Box Pictures) Posted September 26, 2016 By Allison Linn Microsoft is making available to its customers one of the most sophisticated tools it has for rooting out potential security vulnerabilities in software including Windows, Office and other products. The offering is code named Project Springfield, and up until now, the team that built it has thought of it as the million-dollar bug detector. That’s because every time the system finds a potentially serious bug proactively, before a piece of software is released, it is saving a developer the costly effort of having to release a patch reactively, once the product is already public. With widely used software such as an operating system or productivity suite, deploying those patches can cost as much as $1 million, the researchers say. Patrice Godefroid (Photography by Scott Eklund/Red Box Pictures) “Those are the bugs that hackers will try to use,” said Patrice Godefroid, a principal researcher at Microsoft who invented a key technology behind Project Springfield and is the project’s chief scientist. “The more we can find those bugs ourselves, the more we can fix them before we ship the software.” Microsoft announced a preview of Project Springfield on Monday at its Ignite technology conference in Atlanta. It has previously been testing the new cloud security service with a small number of customers and collaborators using software on a smaller scale than Windows and Office. The company itself has been using a key component of Project Springfield, called SAGE, since the mid-2000s, testing products including Windows 7 prior to release. Although the Windows 7 operating system code had already been checked by other, similar security tools, Godefroid said SAGE unearthed a number of additional vulnerabilities, eventually accounting for one-third of all the bugs this kind of security testing, which is called fuzz testing, discovered prior to the release. The team overseeing the fuzz testing was impressed. “There aren’t a lot of tools that can do what SAGE does,” said Mark Wodrich, a senior security engineer with Windows Defender Advanced Threat Protection. One tool in the security toolbox Fuzz testing is far from the only security measure developers use, but security experts say it’s an important one in the security development lifecycle. David Molnar, the Microsoft researcher who leads Project Springfield, said fuzz testing is ideal for software that regularly incorporate inputs such as documents, images, videos or other pieces of information that may not be trustworthy. Fuzz testing looks for vulnerabilities that could open the door for bad actors to launch malicious attacks or simply crash the system, causing delays and other problems. “These are the serious bugs that it’s worth investing to prevent,” Molnar said. Broadly speaking, fuzz testing works like this: The system throws random, unexpected inputs at a piece of software to look for instances in which those unforeseen actions cause the software to crash, signaling a security vulnerability. Project Springfield builds on that idea with what it calls “white box fuzz testing.” It uses artificial intelligence to ask a series of “what if” questions and make more sophisticated decisions about what might trigger a crash and signal a security concern. Each time it runs, it gathers data to hone in on the areas that are most critical. This more focused, intelligent approach makes it more likely that Project Springfield will find vulnerabilities other fuzzing tools might miss. David Molnar (Photography by Scott Eklund/Red Box Pictures) From software research to security product SAGE grew out of years of Microsoft’s basic research into formal methods, which are systems for reasoning about code to look for imperfections. As SAGE developed, the researchers were regularly publishing research papers detailing the advantages of their approach. That, in turn, drew the interest of security experts and other researchers who wanted to use the tool as well. “Customers had asked about it for years, but we’d never been able to offer it to them,” Molnar said. In order to make the software security tool available to a broader group of people with fewer resources and security expertise than the Windows and Office organizations, the researchers built Project Springfield. It bundles SAGE with other tools for fuzz testing and adds an easy-to-use dashboard and other interfaces that make it accessible for people without an extensive security background. Then, it runs its tests using an Azure cloud-based system, so individual clients don’t need to have data centers of their own. Finally, the results are delivered securely to the customers, so they can fix the bugs and test the code again. “It’s very simple to use – it’s ‘fire and forget,’” said Gavin Thomas, a principal security software engineering manager with the Microsoft Security Response Center. “You set it up and you walk away.” Thomas first used Project Springfield when a Microsoft customer came to him for help in looking for security vulnerabilities. Thomas said Project Springfield proved as easy to use as any app, and it was so effective at finding bugs that Thomas is in the process of implementing it in his own labs. That will save his expert security engineers the time of manually creating similar tools, allowing them to focus on other issues. The team behind Project Springfield includes, from left, Stas Tishkin, William Blum, Marc Griesen, Cheick Omar Keita, Dave Tamasi, David Molnar (seated) , Theresa Pacheco, Marina Polishchuk, Patrice Godefroid and Ram Nagaraja. (Photography by Scott Eklund/Red Box Pictures) Too many bugs, not enough security experts It turns out that Microsoft customer’s challenge wasn’t unusual. Project Springfield is being released at a time when many companies are facing a tough conundrum: Serious attacks on software are going up, but the supply of security engineers trained to fight those attacks is staying steady. That means plenty of companies can’t afford, or can’t find, the staff they need to do fuzz testing. They need an easier, more automated solution. “Most companies may not have a security engineer and wouldn’t even know what a fuzzer is,” Thomas said. It’s also coming at a time when many companies are revamping their systems to appeal to new digital tastes, adding mobile offerings, online sales or cloud-based services. Chad A. Holmes, a principal and cyber strategy, technology and growth leader for the professional services firm Ernst & Young LLP, said that means many companies need a system like Project Springfield, which has the cloud-based capacity to run a very high volume of security tests at the same time and root out the most critical concerns. “That’s one of the largest challenges they run into, the scale of testing these applications,” Holmes said. “That’s where a tool like Springfield comes in.” EY may offer Project Springfield as part of the security offerings it has for customers. Making beer and finding bugs For many companies, finding bugs is important not just because it can protect a company against hackers but also because it can save time and money. Take the craft beer brewer Deschutes Brewery, for example. If there’s a glitch in the software it uses for analytics, it can literally mean that money – or, in this case, beer – has to go down the drain. “The brewery doesn’t get a batch of beer back when something goes wrong,” said Bryan Owen, a cyber security manager with OSIsoft, which has been helping Deschutes build a system that can bring together data from multiple sources. “It’s just lost.” OSIsoft used Project Springfield to proactively look for bugs and other vulnerabilities as part of an overhaul of Deschutes’ analytics systems, which included installing its PI System,PI Integrator for Microsoft Azure, and deploying the Cortana Intelligence Suite. Deschutes Brewery’s brewmaster, Brian Faivre, said the new analytics systems have helped them figure out ways to make better beer, without having to worry about the technical details. “Our job is really focusing on quality and making beer,” Faivre said. “If, at the end of the day, this is helping us do a better job, that’s what we really value and we care about.” Peter Lee (Photography by Scott Eklund/Red Box Pictures) Beating the bad guys Project Springfield also has been developed at a time in which Microsoft researchers are getting more aggressive about quickly translating their groundbreaking research into tools customers can use. With Project Springfield, Peter Lee, the corporate vice president in charge of Microsoft Research’s New Experiences and Technologies organization, said the team was determined to make sure it was “literally rubbing elbows” with the clients who were participating in an early preview of the system, having regular, face-to-face meetings to make sure it would meet their security needs. “I actually view it as a collaboration,” he said. “In my mind, we’re doing the research together.” Lee said that type of collaboration between researchers and developers is especially important in the security field, because it’s so tough for the good guys in computer security to stay ahead of the bad guys. That’s because the bad guys have the tools, expertise and financial incentive to exploit vulnerabilities faster than the good guys can find them. He sees cloud-based tools like Project Springfield as a key tool in the good guys’ arsenal. “This is one of the areas where, finally, the good guys have an advantage,” he said. Sursa: https://blogs.microsoft.com/next/2016/09/26/microsoft-previews-project-springfield-cloud-based-bug-detector/#sm.001xkp83k12aoe5uqzo2o1ae0f0fz

WSSAT - Web Service Security Assessment Tool Lydecker Black on 11:30 AM | Post sponsored by Netsparker Web Application Security Scanner WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests against the security vulnerabilities. It also makes information disclosure controls. With this tool, all web services could be analysed at once and the overall security assessment could be seen by the organization. Objectives of WSSAT are to allow organizations: Perform their web services security analysis at once See overall security assessment with reports Harden their web services WSSAT’s main capabilities include: Dynamic Testing: Insecure Communication - SSL Not Used Unauthenticated Service Method Error Based SQL Injection Cross Site Scripting XML Bomb External Entity Attack - XXE XPATH Injection Verbose SOAP Fault Message Static Analysis: Weak XML Schema: Unbounded Occurrences Weak XML Schema: Undefined Namespace Weak WS-SecurityPolicy: Insecure Transport Weak WS-SecurityPolicy: Insufficient Supporting Token Protection Weak WS-SecurityPolicy: Tokens Not Protected Information Leakage: Server or technology information disclosure WSSAT’s main modules are: Parser Vulnerabilities Loader Analyzer/Attacker Logger Report Generator The main difference of WSSAT is to create a dynamic vulnerability management environment instead of embedding the vulnerabilities into the code. This project has been developed as Term Project at Middle East Technical University (METU), Software Management master program. Download WSSAT Sursa: http://www.kitploit.com/2016/09/wssat-web-service-security-assessment.html