FlasHack (III)

Welcome back to the FlasHack posts. Today we are going to discuss Flash Local Shared Objects, also known as Flash cookies. These are files used by Adobe Flash to store information related to the movies, and some of that information is going to be interesting during a pentest or a forensic assessment. They are stored in different places in each operating system: Windows: %APPDATA%\Macromedia\Flash Player\#SharedObjects\<random code>\<domain>\<path – maybe°>\<object…

TRACE, OPTIONS and other HTTP Verbs | InteliSecure

Hi!! Another post here after some time… I’m really busy at work right now but I also need these small breaks to carry out my own testing and share a bit of what we learn here at Pentura. I want to write today about the TRACE, OPTIONS and other HTTP verbs. Sometimes in reports we can see that they discovered the TRACE verb active on our server. How they…

New version of Wfuzz!

I don’t like automatic tools. Full stop. Well… not full… I like some semi-automatic tools. One of these tools is wfuzz. I love this Python script for taking a quick look over all the directories in a website and sometimes for testing for some basic authorization bypass by fuzzing a numeric parameter. The use of this tool is very easy and I’m not going to explain it here, you can read the…

Shorty Authentication Bypass

(This post was originally posted on my own personal blog and was also featured on the exploit-db.com website.) Today, reading some stuff on the internet, I found an article about 7 PHP scripts to generate short URLs. These kinds of links are very common today, with a lot of controversy about the security risks that they imply. I’m not here (now) to discuss URL-shortening services but to talk about…

The danger of the default files

(This post was originally posted on my own personal blog.) During my current research I have found some default files that some web frameworks include in their installations and that can compromise the security of a website. They can also allow an attacker to determine which framework a web page is using. The first of these files is from the symfony framework. They offer developers a useful script called…

Web security news and the “Hack of the Year”

It has been a long time since my last post, but I was a bit busy with on-site customer testing. Nice days of application testing, but now it is time to write here again. Long ago I read a fantastic book about security named “The Art Of Intrusion”, written by the (in)famous Kevin Mitnick. He told amazing stories about security and intrusions without giving too many technical details about them, but enough to understand…

2010 CWE/SANS Top 25 Most Dangerous Programming Errors

A few weeks ago a new version was released of the “Top 25 Most Dangerous Programming Errors” list of coding bugs that MITRE and SANS released last year. This new version comes with a better layout for a better understanding of the risks and the remedies, and a focus on the identification of the problem. From my point of view, the table which defines the weaknesses by language is very interesting.…

Testing and virtual machines

Sometimes I need to test a specific software version or make a custom machine for a specific purpose, like developing in a particular language. So far I have used my personal machine for it, but today I discovered something that I’m planning to adapt to my day-to-day. I was a bit lazy about creating virtual machines because I need to download a whole CD image, install it and later configure…

Testing Flex applications (III)

Today, after understanding how Flex applications work and how to analyse Flex applications to obtain the list of services and methods, we are going to discuss how to pentest Flex apps to try to generate our fake AMF packets. deblaze: This tool has some good and bad points in the testing of Flex applications. Being a console tool, it is very easy to generate automatic scripts with it or add some functionality…

Testing Flex applications (II)

In the previous post we managed to extract some information from the SWF file and understand the structure of the important part of a Flex application. In this chapter we are going to automate the process of extraction and analysis. If you are sharp-eyed you probably saw the “deblaze” name in the previous post's screenshots. This is the name of the first tool we are going to use today and…