Showing Posts From

January 2017

  • 27 Jan 2017

A Tale Of Bitmaps: Leaking GDI Objects Post Windows 10 Anniversary Edition

A novel technique for leaking kernel bitmap object addresses in Windows post-Anniversary Edition is detailed. The method exploits memory reuse in the kernel's paged pool by leveraging accelerator tables and bitmap object allocation. This approach provides a way to retrieve kernel object addresses after previous information leak protections were implemented.

  • 10 Jan 2017

Digital Lockpicking: Why Your Front Door Shouldn't Be On The Internet

A critical vulnerability was discovered in FingerTec/ZKTeco biometric access control devices. The unencrypted UDP protocol allows attackers to create unauthorized admin accounts, extract user data, and potentially unlock doors without authorization. Over 4000 such devices are exposed on the internet, posing significant security risks.

  • 4 Jan 2017

High Interaction Honeypots with Sysdig and Falco

A technical exploration of using sysdig and falco tools to rapidly deploy high-interaction honeypots on Linux systems. The project demonstrated techniques for monitoring and forensically analyzing attacker interactions through detailed system call and log capture. Two case studies revealed successful honeypot deployments that captured real-world attacker behaviors and malware interactions.

Trust? Years to earn, seconds to break

An Active Directory security vulnerability involves the TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION (T2A4D) User-Account-Control flag. The vulnerability can allow attackers to exploit Kerberos protocol extensions and potentially compromise domain controllers through dangerous authentication delegation attacks. Mitigation strategies include carefully managing account delegation settings and protecting sensitive user accounts.