There is a lot of hype around DNS rebinding vulnerability and vulnerable IoT devices, including home cameras, air conditioners or climate control devices; this flaw will cover the lack of origin checking on HTTP requests. DNS Rebinding Attack DNS Rebinding allows an attacker who has control on a DNS server to communicate with a device […]
I don’t usually play CTFs, but this time i wanted to improve my radare2 and reversing skills.All crackme challanges can be found here.Levels from 1 to 3 are really entry-level, from 4 ahead start to be interesting. As the README says: “It’s reverse engineering, not cracking.”. That means we don’t have to patch the binary in […]
On March 13th, by using dnsrecon (https://github.com/darkoperator/dnsrecon) and a huge wordlist, I came across with an Amazon domain (hireon.amazon.com) with a Reflected XSS. Usually I don’t use to write an article for an XSS vulnerability, but I would share a trick I discovered during this analysis. Looking for a not existent resource, the following error […]
I often wondered how link generation functionality is implemented by major social network applications and, more specifically, the preview generation. Some time ago a friend of mine was spear-phished with a message through the Facebook chat, this happened before Facebook patched the chat application, allowing to exchange of messages only between people connected as friends. […]
In accordance with ethics of responsible disclosure, the vendor was informed but emails were left unreplied/ignored Timeline First email on 08 March 2016 Second email on 14 March 2016 Prelude In recent years we have seen an evolution of people lifestyle, and digital identity is becoming part of our real life with all connected risks.Our […]
Hi there, we missed here for quite a while but one more time we are back with something (hopefully) interesting. In the past months we have worked together with Symantec vulnerability response team to address some critical issues that were afflicting the Symantec Security Information Manager. Our R&D Team discovered vulnerabilities consisting of XSS (both […]
In the beginning of January 2013 we started a security research project focused on some of the most spreaded mobile applications and considering how popular Ruzzle became in the last months we could not take the app out from our targets. Hereafter we will discuss the results of our research about Ruzzle and the details of our […]