Events
by Niki Vonderwell

Announcing the first 5 talks of TROOPERS18!!!!

TROOPERS17 was unlike any TROOPERS we had known before. Everything just seemed bolder, better, and beyond our expectations. From surprise speakers like the grugq (do you have a follow-up talk for #TR18 by the way?) to new speakers who are now TROOPERS family, TROOPERS17 is one for the history books!

If you were there you might be wondering to yourself, how could they possibly top it (and if you were not there check out this video from TR17)? Well, I am not going to lie, it will be a challenge. However, the high quality of talk and training submissions for this year have us feeling pretty positive about making #TR18 the “best year ever”!

With that being said I am happy to introduce the first official 5 talks of TROOPERS18!

Continue reading “Announcing the first 5 talks of TROOPERS18!!!!”

Continue reading
Building
by Enno Rey

Why It Might Make Sense to Use IPv6 in Enterprise Infrastructure Projects

Looking at IPv6 deployment graphs like this one it becomes clear that IPv6 still is not widely deployed in enterprise space (the reason for the apparent oscillation in that curve is the difference between working days – where people use their office computers – and weekend where they preferably use their smartphones or their home equipment connected by means of broadband networks).

Continue reading “Why It Might Make Sense to Use IPv6 in Enterprise Infrastructure Projects”

Continue reading
Events
by Simon Lipke

My Journey to DockerCon Europe 2017

From October 17th – 19th I had the chance to attend my first DockerCon Europe 2017.

The conference was very well organized and attendee focused, which could be seen by the many little details found on the conference. For example you never ran out of coffee or beverages, there was a new Hallway Track where you could meet people from all disciplines, discuss about your favorite topics and there was always a place to sit and take a break between all those interesting presentations. I had the chance to speak to very nice people from different industries, most importantly in my case on the topic security. It was nice to see how the Docker community is growing and the adoption rate is increasing, especially in companies. The main focus of the conference (especially seen in talks held by people from Docker Inc.) was the Docker Enterprise Edition.

Continue reading “My Journey to DockerCon Europe 2017”

Continue reading
Breaking
by Kevin Kelpen

Extract Non-Exportable Certificates and Evade Anti-Virus with Mimikatz and Powersploit

Some time ago, one of our customers contacted us with a special request. For some legitimate reason, they needed to centrally collect certain certificates including their private keys which were distributed across many client systems running Windows and stored in the corresponding user stores. Unfortunately (only in this case, but actually good from a security perspective), the particular private keys were marked non-exportable making a native export in the context of the user impossible. As if this wasn’t enough, the extraction was supposed to be executed in the context of the current user (i.e. without administrative privileges) while not triggering the existing Anti Virus solution at all. Also, the certificates needed to be transferred to some trusted system where they could not be accessed in an unauthorized way. So let’s have a look how we tackled these problems:

Continue reading “Extract Non-Exportable Certificates and Evade Anti-Virus with Mimikatz and Powersploit”

Continue reading
Events
by Niki Vonderwell

TROOPERS for Students!

We are super excited for TROOPERS18 (March 12-16th, 2018) as are many of you! We even have this great saying that “after TROOPERS is before TROOPERS”, which means we spend a lot of time looking through feedback from attendees, speakers/trainers, and our own Crew for ways to not only top what we’ve done in the years before, but also how to simply make it better for everyone involved.  Looking around at our Crew we realized how many have either attended TROOPERS or other conferences as students. We heard from them, as well as other students, how life changing it was to be able, as a student, to attend an IT-Security conference. How they got to meet a speaker whose work they’d read about in class. How people felt even more a part of the community they were studying hard to belong to.  Continue reading “TROOPERS for Students!”

Continue reading
Breaking
by Daniel Mende

Erlang distribution RCE and a cookie bruteforcer

In one of the last pentests we’ve found an epmd (Erlang port mapper daemon) listening on a target system (tcp/4369). It is used to coordinate distributed erlang instances, but also can lead to a RCE, given one knows the so called “authentication cookie”. Usually, this cookie is located in ~/.erlang.cookie and is generated by erlang at the first start. If not modified or set manually it is a random string [A:Z] with a length of 20 characters. If an attacker gains this cookie, a RCE is quite easy – as I like to describe below.

Continue reading “Erlang distribution RCE and a cookie bruteforcer”

Continue reading
Building
by Timo Schmid

Reading the BlueCoat FileSystem

You may remember our last post regarding the SGOS system and the proprietary file system. Since then, we got access to a newer version of the system (6.6.4.2). Still not the most current one (which seems to be 6.7.1.1) nor of the 6.6.x branch (which seems to be 6.6.5.1) though. As this system version also used the same proprietary filesystem (although it initially booted from a FAT32 partition), I decided to take a deeper look into this.

Continue reading “Reading the BlueCoat FileSystem”

Continue reading