Author: geri (page 2 of 3)

SoapUI with Burp

In a recent project I tested a web service and we got a nice SoapUI project for it. SoapUI is a great tool, but you somehow miss the nice features of Burp, such as the Intruder. But of course the idea comes immediately: why not chain them? It turns out this is not as trivial as it seems at first sight.

Shellcode wrapper for Linux

This post is about how to create Linux binary executable shellcodes using msfpayload.


Installing Dradis on Backtrack

This post is more of a note for myself than interesting technical stuff, but it might be useful for somebody else as well.

You might already know the Dradis Framework; if not, check it out here. It is basically a note-taking web application which focuses on penetration tests and other security assessments. It allows testing teams to quickly share the collected information about the tested environment with each other.

Please, don’t use user supplied XSLT

I didn’t even want to write about this, because hopefully it is not a widespread problem, but it is such a catastrophic programming mistake, which I saw in a production system, that I felt the need to talk about it. So to summarize this blog post in one sentence: total client-side exploit using user-defined XSLT.


Book review: Advanced Penetration Testing for Highly-Secured Environments

I recently obtained the Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide book, so I figured I would write a little summary about it, as I did with the other security books that I read.


Experiences in pentesting DWR

I was lucky enough to do a penetration test on applications using Direct Web Remoting (DWR), and I would like to share my experiences. It is another interesting technology in the wild jungle of the web frameworks and libraries. It defines itself as follows:
“DWR is a Java library that enables Java on the server and JavaScript in a browser to interact and call each other as simply as possible.”

Book review: Securing the Cloud

The cloud is everywhere. It is all over us. But everybody knows that. I have been interested in cloud security for quite a while, so I decided to read a book to see how it is defined from A to Z today. After reading some reviews I chose Securing the Cloud: Cloud Computer Security Techniques and Tactics, written by Vic (J.R.) Winkler.

Tricking the XML parser

Nowadays there are numerous web application frameworks to implement a rich web application. I have already written about one of them. These frameworks usually use AJAX and XMLHttpRequests filled with either XML or JSON. In this post I will write about the XML part. In that case the first step is always to fight with the XML parser on the server side.

Welcome to the Jungle

This post will describe the general problem of having embedded devices in your network. Mitigation techniques and workarounds that reduce the risk introduced by them will be shown.

But to make it more interesting, listen to this while reading.

So it all started with a network pen test, which was like hiking in a rainforest and seeing all those weird animals and human-eating flowers that live there. All these creatures in the network were different, very exotic embedded devices. They were really interesting as well as very vulnerable.

Revenge of XHTML

My colleague brought my attention to a really interesting ‘feature’ of browsers, namely that XHTML namespaces in an XML document will be rendered as XHTML instead of XML. That means that if you can in some way control an XML document that will be rendered by the target’s browser, then you can insert HTML and of course JavaScript code. So this feature widens an XML injection to an endless attack vector.


© 2017 Æther Security Lab
