Bold Statements
Hello and a happy new year 2015 to everybody!
As follow up of our 2014 talk “LTE vs. Darwin” I want to inform you about our telco research in 2015. We are currently dealing with the so called IP Multimedia Subsystem (IMS), which handles the call and media logic of 4G telecommunication networks. This network part provides functions like VoIP (or VoLTE) and takes care of the interconnection to other call or media related networks.
Continue reading “Telco Research 2015”
Following up on this post, we want to provide some details on two rather new (well, compared to its lifespan) Linux kernel parameters — and emphasize the need to enable those:
Continue reading “Hardening Against Local PrivEsc: Protecting Your Links”
Continue readingAs we promised some days ago here’s the fourth round of Troopers15 talks (the first three can be found here). We really can’t wait for the con ourselves 😉 !
Continue reading “Troopers15 – Fourth Round of Talks Selected”
Continue readingOne interesting observation we make when testing complex environments is that at the bottom of huge technology stacks, there is usually a handful of shell scripts doing interesting stuff. More often than not these helper scripts are started as part of cron jobs running as root and perform basic administrative tasks like compressing and copying log files or deleting leftover files in temporary directories. Of course, these high privileges make them an interesting target for privilege escalation attacks and one class of vulnerability we reliably encounter in shell scripts is unsafe handling of globbing or filename expansions. Continue reading “Revisiting an Old Friend: Shell Globbing”
Continue readingAfter we recently released the “Linux IPv6 Hardening Guide” we got a number of suggestions “could you pls provide a similar document for $OS?” (btw: thanks to you all for the overwhelming interest in the Linux document and the active discussion of ip6tables rule approaches on the ipv6hackers mailing list).
Continue reading “IPv6 Hardening Guide for Windows Servers”
Continue readingAs we promised some days ago here’s the third round of Troopers15 speakers (first one here, second here). It’s going to be awesome!
Continue reading “Troopers15 – Third Round of Talks Selected”
Continue readingLately we had to analyze QR-Codes in a pentest. Those held some random data which was used as a token for login and we wanted to know if that data was really random.
Continue reading “Getting 20k Inline-QR-Codes out of Burp”
Continue readingWe were recently approached by a customer asking us for support along the lines of “do you have any recommendations as for strict hardening of IPv6 parameters on Linux systems?”. It turned out that the systems in question process quite sensitive data and are located in certain, not too big network segments with very high security requirements.
Continue reading “IPv6 Hardening Guide for Linux Servers”
Continue readingWe just released a white paper authored by Antonios Atlasis that provides an overview which pentesting tools currently support IPv6 and how to (still) use them if that’s not the case. It can be found in our newsletter section.
Best
Enno
Continue readingAs we promised some days ago when we published the first round, here we go with the second:
Continue reading “Troopers15 – Second Round of Talks Selected”
Continue reading