-
Dave Hartley - 3 Sep 2012
SAP Parameter Injection
A vulnerability in SAP's Host Control service enables remote unauthenticated command execution on Windows SAP systems using SAP MaxDB. The attack involves manipulating parameters of the dbmcli executable to write and execute attacker-controlled commands. Metasploit modules were developed to demonstrate command injection across different SAP system interfaces.
- 1 Sep 2012
A Look at the BlackBerry OS as a Secure Platform for Third Party Applications
This article examines critical security vulnerabilities in the BlackBerry OS for third-party applications running in the BlackBerry Internet Service environment. Key security issues include unprotected data storage, insecure data transmission, and weak application sandboxing that could allow malicious apps to compromise device security. The study reveals multiple attack vectors such as database manipulation, input simulation, and unauthorized screenshots.
- Nils
- 1 Sep 2012
PinPadPwn
A presentation at BlackHat 2012 exposed critical security vulnerabilities in payment terminals. Memory corruption attacks were demonstrated to be possible through complex input handling and network interfaces. The research highlighted potential code execution risks in payment terminal systems.
- 23 Aug 2012
Mercury Reflection
Mercury developed a dynamic reflection interface for Android security assessment that enables runtime code execution and plugin creation. The interface allows developers to load Java code dynamically on the server side without modifying the core application. This approach provides flexible functionality for examining and interacting with Android applications through a simple set of reflection methods.
- 20 Jul 2012
Hacking Embedded Devices: UART Consoles
Hardware hacking techniques can provide root-level access to embedded devices through UART console interfaces. By physically inspecting circuit boards and identifying specific pins, access to hidden device consoles can be obtained. The methodology involves using tools like oscilloscopes and logic analyzers to locate and interact with serial interfaces on devices such as routers and modems.
- Luke Jennings
- 18 Jul 2012
Incognito v2.0 Released
Incognito v2.0 is a Windows security tool for token enumeration and manipulation. The new version introduces multi-host input, multi-threading, grepable output, quiet mode, and improved handling of administrative privileges. Key improvements include better API compatibility, enhanced token discovery across multiple systems, and more flexible output options for security professionals.
- 11 Jun 2012
HackFu 2012
HackFu 2012, a cybersecurity event, is scheduled for June 28th. Multiple Twitter accounts will provide live updates during the event. Participants can follow the action on designated Twitter handles like @umd9, @_cyberdyne_, @r3dl4nd, and @neweurope_.
- 6 Jun 2012
veripy is Released
MWR Labs released veripy, an open-source testing tool for IPv6 network transition. The tool aims to build confidence in hardware and software products supporting IPv6 networking. veripy is designed to help organizations navigate the complex shift from IPv4 to IPv6 infrastructure.
- 30 Apr 2012
Building Android Java/JavaScript Bridges
This article explores security vulnerabilities in Android WebView implementations, focusing on Java/JavaScript bridges. It examines methods like addJavascriptInterface and method overriding that allow native code exposure to web content. The research highlights potential attack vectors in cross-platform mobile application development frameworks, particularly in PhoneGap.
- Dave Hartley
- 27 Apr 2012
MWR SAP Metasploit Modules
Metasploit modules were developed to assess SAP systems through Remote Function Calls (RFC). The modules enable security professionals to enumerate SAP clients, brute force logins, extract user hashes, and execute arbitrary commands across different SAP system configurations.
- Dave Hartley
- 27 Apr 2012
SAP Slapping
Dave Hartley presented the "SAP Slapping" talk at CRESTCon and BSides London, exploring common vulnerabilities in SAP systems. The presentation provided an overview of SAP security misconfigurations. Metasploit modules were demonstrated to highlight potential security weaknesses in SAP infrastructure.
- 23 Apr 2012
Adventures with Android WebViews
This article provides guidance on securing Android WebViews by implementing best practices for mobile application security. Key recommendations include disabling JavaScript and plugins, restricting file system access, and implementing resource inspection techniques to prevent potential vulnerabilities. The article details methods for intercepting and controlling resource loading within WebViews to enhance mobile application security.