Lately we had to analyze QR-Codes in a pentest. Those held some random data which was used as a token for login and we wanted to know if that data was really random.
Continue reading “Getting 20k Inline-QR-Codes out of Burp”
Continue readingIPv6 Hardening Guide for Linux Servers
We were recently approached by a customer asking us for support along the lines of “do you have any recommendations as for strict hardening of IPv6 parameters on Linux systems?”. It turned out that the systems in question process quite sensitive data and are located in certain, not too big network segments with very high security requirements.
Continue reading “IPv6 Hardening Guide for Linux Servers”
Continue readingPenetration Testing Tools that (do not) Support IPv6
We just released a white paper authored by Antonios Atlasis that provides an overview which pentesting tools currently support IPv6 and how to (still) use them if that’s not the case. It can be found in our newsletter section.
Best
Enno
Continue readingTroopers15 – Second Round of Talks Selected
As we promised some days ago when we published the first round, here we go with the second:
Continue reading “Troopers15 – Second Round of Talks Selected”
Continue readingSecurity Implications of Using IPv6 GUAs Only
When planning for IPv6 addressing, many organizations – rightfully & wisely – decide to go with global unicast addresses (GUAs) only (hence not to use unique local addresses/ULAs as of RFC 4193 at all), in order to avoid address selection hell or just for simplicity & consistency reasons. This post discusses security implications and complementary security controls of such an approach.
Continue reading “Security Implications of Using IPv6 GUAs Only”
Continue readingIPv6 in RFIs/Tendering Processes
In one of our customer environments each vendor offering an IT product/solution is asked to fill out a questionnaire collecting information on a number of technical parameters with regard to their product[s]. We were recently asked to come up with a proposal of 8 to 10 IPv6-related questions to be added to the questionnaire/process. Here’s what we suggested:
Continue reading “IPv6 in RFIs/Tendering Processes”
Continue readingMLD Considered Harmful?
This is a guest post from Antonios Atlasis.
On Thursday the 20th Enno, Jayson and I had the pleasure to present our latest research results regarding MLD at Deepsec 2014, both from vendors’ implementation perspective as well as regarding protocol design flaws (some preliminary results as well as our testing methodology were discussed here and here).
For refreshing out memory, in a nutshell, the purpose of MLD, a subprotocol of IPv6, is to inform routers about the presence of nodes which are interested in receiving specific multicast traffic (RFC 2710). The newer version of MLD, MLDv2 adds the ability for source address selection (RFC 3810).
Continue reading “MLD Considered Harmful?”
Continue readingScal(e)ing down Privacy
As you might know we are continuously doing research on medical devices. I presented some of the new results at Power of Community 2014 last week and we thought we would share some of the details with you here. The focus of the previous work was testing medical devices that are used in hospitals like patient monitors, syringe pumps or even MRIs. This time we looked at a device that every user can use at home and which is available to anyone on the market: A smart scale.
The scale implements some basic features as you might have guessed, that is measuring your weight. In this case there are a lot more additional features that you can use, e.g. measuring the air quality, the room temperature, your heart rate and your fat mass. The latter makes testing this device quite hard, because somebody has to step on it and the results were not funny at all and will be kept secret! 😉
Continue reading “Scal(e)ing down Privacy”
Continue readingTroopers15 – First Round of Talks Selected
We’re delighted to provide the first announcement of talks of next year’s Troopers edition. Looks like it’s going to be a great event again 
.
Here we go:
Continue reading “Troopers15 – First Round of Talks Selected”
Continue readingGitHub Enterprise 2.0.0 Fixes Multiple Vulnerabilities
Recently we had the pleasure to take a look at GitHub’s Enterprise appliance. The appliance allows one to deploy the excellent GitHub web interface locally to host code on-site. Besides the well known interface, which is similar to the one hosted at github.com, the appliance ships with a separate interface called the management console, which is used for administrative tasks like the configuration of the appliance itself. This management interface is completely decoupled from the user interface.
During our assessment we focused on the management console where we found several vulnerabilities (others may have found them, too). On November 11, 2014 GitHub released a security advisory which included the most critical findings that have been fixed in GitHub Enterprise 2.0.0. Because the advisory doesn’t include any detailed information, we will discuss some of those vulnerabilities in detail.
Continue reading “GitHub Enterprise 2.0.0 Fixes Multiple Vulnerabilities”
Continue reading