Apr 10, 2014
 

Heartbleed Advisory & FAQ: Please find below a quick FAQ on the Heartbleed vulnerability and what you can do to address it: Q. What is the Heartbleed vulnerability and what is its impact? The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This includes pretty much all Apache web servers as well as numerous security devices such as SSL VPNs, load Read More…

Mar 29, 2014
 

Most large organizations provide wireless facilities for their guests, which may include vendors, consultants, business associates, employees from other regions, etc. Certain points should be considered while implementing a guest wireless network: Encryption in use; Captive Portals or Guest Authentication; Network Segregation; Finding the SSID of a Hidden wireless network. To simplify connectivity for guest devices, some organizations configure their networks without encryption, i.e. ‘OPEN’. To prevent unauthorized entities from connecting to their networks Read More…

Jan 28, 2014
 

SQL injection – one of the most critical vulnerabilities till now – is still included in the OWASP Top 10 list’s Injection flaws section. SQLMap is a tool that helps penetration testers prove that SQL injection is one of the most critical vulnerabilities present in enterprise security. ‘SQLMap’ is a simple Python-based tool to exploit SQL injection vulnerabilities to the level where it raises eyebrows because this tool can be used: To scan web application for SQL Read More…

Dec 16, 2013
 

Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) Attack: Previously we learnt how CRIME attacks SSL/TLS using SSL/TLS compression. Now we look at a more recent attack called the BREACH attack. The BREACH attack is quite similar to the CRIME attack, with subtle differences. This attack also leverages compression to extract data from an SSL/TLS channel. However, its focus is not on SSL/TLS compression; rather it exploits HTTP compression. Here, the attack tries to exploit Read More…

Dec 09, 2013
 

Compression Ratio Info-leak Made Easy (CRIME) attack: In the previous section we saw how the Chosen Plain-text attack was used to weaken the SSL/TLS protocol. In this section we look at another attack on the SSL/TLS protocol. The attack was presented by Juliano Rizzo and Thai Duong, the same pair of researchers who demonstrated the BEAST attack. This attack is dubbed the Compression Ratio Info-leak Made Easy (CRIME) attack. The CRIME attack is used to extract session Read More…

Dec 02, 2013
 

Recently there has been a lot of news about a new SSL/TLS-based attack that was demonstrated at this year’s BlackHat conference. The attack was on SSL/TLS and was dubbed the BREACH attack. The attack targeted sensitive data being transmitted in HTTP responses. In this article we will explore the BEAST attack as well as two other well-known sophisticated attacks on the SSL/TLS protocol, such as CRIME and BREACH. Browser Exploit Against SSL/TLS (BEAST) attack: The Read More…

Oct 18, 2013
 

Overview: In the following test, I wanted to see whether I was able to view personal details of some other person who was not in my connection list on LinkedIn. By default, LinkedIn doesn’t allow you to view the contact details of a person who is not in your connections list. Let us dig deeper to find out whether it is really possible. Technical Details: 1) A user logs in to his LinkedIn Account and Read More…