Last week I was hanging out at the Ethical Hacking conference
in Budapest, when an advertisment for a secure mobile communication
platform was given to me by one of the decorative hostesses. The
paper – being typical marketing material – contained very little
technical information, but instead tried to promote their product on
the basis of being the first company to develop such a solution, how
being military grade matters and also describing what cryptochips are
and how they …
What's a honeypot?
A honeypot is computer system running vulnerable software deliberately
to lure attackers to the system and to log their actions. Honeypots
are useful for detecting emergent cybersecurity threats, analysing the
attackers behaviour and discovering 0-day exploits. The most popular
honeypot software include Kippo, Glastopf, Dionaea and Thug.
Why create a new one?
While there are several different honeypot software available for
free, these honeypots try to emulate …
usage: wascan.py [-h] [-u] [-b] [-w path] target
Web Application Scanner
target target url to scan
-h, --help show this help message and exit
-u, --unique print only unique content
-b, --brute bruteforce urls
-w path set the wordlist to use
Download me from GitHub
I’ve started out to build a web application scanner. The first usable iteration is ``wascan'' (sorry, I’m bad at naming things …
A small webserver for your devices
mini_httpd is a small webserver which is used mostly in embedded environments like routers, modems and industrial control devices. The most prevalent version on the internet is based on
mini_httpd/1.19 19dec2003. The webserver usually contains vendor specific patches.
The webserver contains an information disclosure vulnerability. An attacker can specify a long enough protocol string to reveal parts of the processes memory. The vulnerability …
Lock screens are still hard
Just the other day I’ve noticed that the main screen is shown on my android phone when I exit from an application that is launched while the phone is locked. In my case I can run either the camera or a note taking application by pressing a button on the back of the phone.
It turns out that during that brief period we have access to the phone and if we time our actions right, we can start programs or change settings by quickly tapping on the screen. Surely it’s a bit …
Wireless for all
In late 2014 UPC has activated a roaming wifi service called Wi-Free on it’s CPE devices. The service is designed to allow subscribers to use each other’s network connections and thus create a sort of a roaming network. The service is appealing to many users since it provides fast and unlimited internet access almost everywhere in contrast to the usually slow and expensive mobile network packages.
The service is activated for all subscribers by default, with the possibility to …