
Showing posts from 2013

Pentesting Android applications

Hi all, I would like to talk about the coolness of Android applications. So if you want to perform a security review of an Android app, how will you go about it? There are so many ways to go about this; I will highlight some of the ways I use.

1) Most Android applications work just like web applications: they send out HTTP requests using the POST and GET methods. So a cool thing to do is to intercept and capture these requests, make modifications and monitor the responses (which can also be intercepted and modified). So how can this be done? A sweet way to achieve this is by proxying all traffic from the application on your phone through a proxy tool such as Burp Suite (the coolest tool for me). Now how can you direct that phone traffic to your Burp Suite, which is probably running on a laptop or other system? Well, you can use a great Android tool called "Proxy Droid" to direct the traffic to the IP address and port on which Burp Suite is listening. You can connect them to the same wire...

Default Configs - The Original Sin

It is with deep regret that I announce the security atrocities being committed by Internet Service Providers. These ISPs sell broadband solutions and build no element of security into them on their part. My story: I recently purchased a popular broadband router/modem because of its reputation for being very fast. I had a member of the company's staff set it up for me. I actually thought that the setup would include some basic security advice on how to manage my modem, but that was not the case: the staff member just changed my SSID to the name I wanted and THAT'S ALL. These were the settings left untouched:

1) Username and password to log into the management console of the router. The default was (user:user)...jeeeezzzz.
2) The wireless security protocol: it was left on WEP, instead of the more secure WPA/WPA2.
3) The default wireless password is the MAC address of the router, which is written on the carton enclosing the router.

There are a lot of these routers where I li...

Vulnerability Assessment and Penetration Testing: Imitating a cracker

Hello Everyone, My topic was prompted after I listened to some presentations by IT security companies on carrying out penetration testing on a company's network. It was quite a colorful and rich presentation about how they were going to scan the network from inside and outside, but the problem was that this has been the trend for some years now. Real-world hackers are ever dynamic: evolving, upgrading, and getting more sophisticated by the day, yet most security consulting firms do not change their methodologies. The majority of attacks are now client-side and exploit the weakest link in the network - the user. Social engineering attacks are now more sophisticated than ever, employing clever techniques to bypass endpoint security. Dozens of social engineering tools are out in the wild and can easily be used against targets. Real-world attacks are well-funded, motivated and have a specific aim. Simulating these attacks, which is the job of the pentester, will involve a h...

TRUECALLER database HACKED!!!

Truecaller, an app built by a Swedish company that also holds the largest collaborative phone directory database, has been compromised by Syrian Electronic Army hackers. The app was running an outdated WordPress version, and this was compromised by the hackers, with millions of phone records stolen. They claimed to have downloaded more than 7 databases, 450 GB in size, from the Truecaller server. The Truecaller website is under maintenance, saying "We are doing some upgrades. Thank you for your patience". They also leaked the database admin usernames and passwords. Even if you are not a user of Truecaller, you are still not exempt, as one of your friends might be using it and have your number stored on his/her phone. Lesson: limit the amount of information you put on the web. It is not safe and never will be.

The gospel of SPLUNK

Hi everyone, Hope your past week wasn't as crazy as mine...I had some good time with a great tool for reviewing logs. Ladies and gentlemen, I bring to you the gospel of SPLUNK..:) I had to review some logs during the week; each log had about 200,000 events, and I had five logs to go through. I actually didn't know what I should be looking out for, but I was meant to spot suspicious behaviours. I didn't have to search the internet for long before I came across a myriad of log reviewing tools, but the one that caught my attention was SPLUNK. Great tool, easy to use, and great user interface.

(Screenshots: the manager interface and the search interface.)

I didn't have to watch any tutorials before I got the hang of it. Anyways, for those that want to give it a try, there is a free download at http://www.splunk.com/download?ac=get_splunk_download

OWASP Top 10 Vulnerabilities - same old list

Hi Everyone, Work has been crazy lately, but I would like to brief you about the OWASP Top 10 2013, which was released recently. As expected, SQL injection is top of the list. Here are the Top 10:

A1 - Injection
A2 - Broken Authentication and Session Management
A3 - Cross-Site Scripting (XSS)
A4 - Insecure Direct Object References
A5 - Security Misconfiguration
A6 - Sensitive Data Exposure
A7 - Missing Function Level Access Control
A8 - Cross-Site Request Forgery (CSRF)
A9 - Using Components with Known Vulnerabilities
A10 - Unvalidated Redirects and Forwards

I won't go into the breakdown of each of these components; further details can be found on the official OWASP site. From the list above, it is disappointing to note that about a decade after the first OWASP Top 10 was released, the major vulnerabilities have not been eliminated. Developers are still too focused on functionality and pay less attention to security. There is a need to engrave this list on the forehe...

Security: The peacemaker

We have fears - some known, others unknown. The unknown ones greatly outnumber the known...as it seems the unknown are generated from the known. This is the human mind at work; that is what differentiates it from physical effort - the ability to go past the present and try to predict the future. Our predictions are usually a fall-out of our emotions at that moment. Technology is a world where machines are used for and against each other. Each participant has a flaw that another can exploit - this was not the plan of the originators. They were created to help each other and work hand in hand to help mankind. Security is the force that ensures they carry out their functions as purposed from creation. If there were perfect peace then the presence of security would be pointless, but the world as we know it has been fraught with evil, and the presence of security is needed now more than ever. As more flaws are exploited, the more important it is to secure our precious creatures and put t...