Events

IPv6 Security Summit – Track 2

The Troopers experience will never be the same without the “IPv6 summit”. It is one of kind of two-day special event where different security experts gather to discuss IPv6 current challenges. It addresses different topics ranging from a broad introduction of the IPv6 to how secure the protocol  is and what  the latest standards are.

The summit is divided into 2 different tracks that run simultaneously. For the first day on the second track, Christopher Werny and Rafael Schaefer have carried out the first three sessions. Continue reading “IPv6 Security Summit – Track 2”

Continue reading
Events

Attacking Next-Generation Firewalls

Felix Wilhelm presented in his talk various ways to attack his new target – The PA-500 which is produced by Palo Alto Networks.

He discovered vulnerabilities in 3 different exposed aspects of the device. The first vulnerability occurred inside of an unauthenticated API from the Management-Website which could only be accessed within the Admin Network. This vulnerability was a typical off-by-one Command Injection, which could be abused by reaching out to the API with a special client=wget Request.

Continue reading “Attacking Next-Generation Firewalls”

Continue reading
Events

The Joy of Sandbox Mitigations

This year at TROOPERS16 in Heidelberg we welcomed James Forshaw for his talk about “The Joy of Sandbox Mitigations“.

He is a security researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities he has numerous disclosures in a wide range of products from web browsers to virtual machine breakouts as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate. Continue reading “The Joy of Sandbox Mitigations”

Continue reading
Events

Security Evaluation of Dual-Stack Systems [Troopers 2016 recap] (Part 1)

Dear Readers of Insinuator,

tldr;This blogpost presents a measurement study of a current security state regarding to open ports on a direct comparison of IPv4 and IPv6. The study analyses almost 58,000 dual-stacked domains in order to find discrepancies in applied security policies. We further discuss the potential reasons and, more importantly, the implications of the identified differences. \tldr;

For those of you who couldn’t participate at Troopers Conference 2016 in Heidelberg or watch my talk at the IPv6 Security Summit, I want to recap some of the most important parts of my research in this blogpost.

Continue reading “Security Evaluation of Dual-Stack Systems [Troopers 2016 recap] (Part 1)”

Continue reading
Events

SDR and non-SDR tools for reverse engineering wireless systems

Hey there!
The God of frequencies Michael Ossmann visited us again this year at the TROOPERS16 and showed us how to break another device using a specific setup.

Last time he introduced the HackRF One to us (Read here:https://www.insinuator.net/2014/08/hackrf-one-the-story-continues/), but this post is a short summary of his talk about “Rapid Radio Reversing”, he is a wireless security researcher, who makes hardware for hackers. Best known for the HackRF, Ubertooth, and Daisho projects, he founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people.

Continue reading “SDR and non-SDR tools for reverse engineering wireless systems”

Continue reading
Events

Reflections on the IPv6-only WiFi Experience during Troopers

Hello,

Troopers is (unfortunately) over. It was a blast (but I may be biased ;-))! After things have settled, I want to take the opportunity to reflect my thoughts and impressions on the IPv6-only WiFi we had deployed during the conference. To make sure that everybody is on the same page let’s start at the beginning.

In the last couple of years we had provided Dual-Stack connectivity on the main “Troopers” SSID but also had an additional IPv6-only SSID. This year we decided to spice things up and made the “Troopers“ SSID IPv6-only (with NAT64) while providing Dual-Stack connectivity on the “Legacy“ SSID. We wanted to get a feeling how many clients and applications can work properly in an IPv6-only environment. We intentionally didn’t announce it vastly beforehand, hoping that attendees would just connect to the main SSID without noticing anything. We were aware that some applications might expose issues but, as I said , we wanted to get a feeling to which degree problems actually occured. Continue reading “Reflections on the IPv6-only WiFi Experience during Troopers”

Continue reading
Breaking

Classic Web Vulns Found in Google Search Appliance 7.4

Google Search AppliancesHi all,

I’ve recently found some sort of classic web vulnerabilities in the Google Search Appliance (GSA) and as they are now fixed [0][1][2], I’d like to share them with you.

First of all, some infrastructure details about the GSA itself. The GSA is used by companies to apply the Google search algorithms to their internal documents without publishing them to cloud providers. To accomplish this task, the GSA provides multiple interfaces including a search interface, an administrative interface and multiple interfaces to index the organization’s data. Continue reading “Classic Web Vulns Found in Google Search Appliance 7.4”

Continue reading
Events

Troopers 16 – Taking the Badge to yet Another Level!

Real men used to wear pink pagers, but that’s the past and recently it was time for Troopers 16. Meaning: Real Troopers wear awesome Badges! And, from the feedback we got, they did!
Troopers might be over, but the era of the TR16 Badge is seemingly just beginning. As such, here’s a quick insight into the badge!

Continue reading “Troopers 16 – Taking the Badge to yet Another Level!”

Continue reading