Showing Posts About

Server security

  • 10 Apr 2024

Abusing search permissions on Docker directories for privilege escalation

A privilege escalation vulnerability was discovered in Docker environments where the /var/lib/docker directory has search permissions for other users. Low-privileged attackers can access container filesystems by exploiting these permissions. By modifying container startup scripts and leveraging host reboot capabilities, attackers can potentially gain root access on the host system.

  • 23 Mar 2016

LoRa Security: Building a secure LoRa solution

A whitepaper by Rob Miller explores the security aspects of LoRaWAN technology. The document provides insights into securing LoRa systems and understanding potential attack methodologies. It aims to help developers comprehend their security responsibilities when building LoRa solutions.

Abusing PuTTY & Pageant through native functionality

A technique for remotely interacting with SSH keys stored in PuTTY's Pageant SSH agent on Windows is explored. The method leverages native functionality to proxy SSH authentication requests through a compromised workstation without traditional exploitation. An attack tool called PageantJacker enables forwarding authentication requests to a remote Pageant instance, allowing an attacker to use a target's SSH keys from their own machine.

Mass HTTP Enumeration with Metasploit

A Metasploit module enables mass HTTP enumeration of web servers during penetration testing. The module efficiently extracts server headers, HTTP status codes, and page titles across large networks. It allows quick identification of interesting or anomalous hosts using Metasploit's database and multithreading capabilities.

Memory Allocation: How injecting into your own tools might help you compromise a Windows domain

ADEGrab is a memory injection tool designed to extract search results from Sysinternals' AD Explorer by directly accessing the application's memory. The tool allows penetration testers to copy search results from Active Directory exploration tools that do not natively support result export. It uses Windows API calls to read and manipulate memory within the AD Explorer process, enabling users to capture and save search results.

  • 5 Jan 2012

Distributed Hash Cracking on the Web

A distributed hash cracking project explored using WebGL and WebCL technologies to crack password hashes through web browsers. WebGL proved unsuitable for hash computation, but WebCL showed promising performance for parallel processing of hash cracking. The project deployed a distributed system using web advertising to harness browser computing power for password retrieval.

  • 2 Jun 2010

Journey to the Centre of the Breach

This whitepaper explores computer forensics techniques for investigating a server security breach. It details a case study of an FTP server incident, demonstrating how digital forensic methods can be applied to log file analysis and malware reverse engineering. The document highlights the broader application of forensic investigation techniques beyond law enforcement.