Bob Vulnhub Vm Writeup - 2018-05-30 22:50:00

Presented by Paul w. Introduction: Tonight I thought I’d have a go at a box on VulnHub. The box I picked was a fairly recent one, as I wanted to ease myself back into doing some CTFs - I’ve been a bit busy doing other things recently - anyway, I chose the box Bob:1.0.1. It sounded fairly simple: “Your Goal is to get the flag in / Hints: Remember to look for hidden info/files”

STEM CTF Cyber Challenge 2018 Write Up - 2018-04-21 00:00:00

Written by Rob (@iamrastating). Challenge: “Express” Checkout. Description: It took a lot of courage but our great team accomplished the unthinkable. We are happy to announce a fantastic new express checkout experience. Our customers are going to love it! This new workflow has your items delivered to someone else in no time flat! Categories: Web. Points: 50. Solution: Viewing the customer listing revealed e-mail addresses of all customers. The challenge was solved by enumerating all e-mail addresses to find one which could be used on the checkout page for dandelions.

AES decode with Cyberchef - 2018-03-20 23:50:00

Presented by Tim. Introduction: This is a follow-up article to Paul W’s write-up about m1con’s mobile CTF. In the article, Paul mentioned CyberChef, and it was a quick way of solving the challenge. Since CyberChef wasn’t covered, and may provide a quicker solution for future CTF challenges, I decided to describe it here. What is CyberChef? CyberChef was developed by GCHQ to quickly perform certain operations on inputs.

M1Con CTF Write up - 2018-03-20 23:50:00

Presented by Paul w. Introduction: Last night I went to the meetup group “M1 Con” hosted by Digital Interruption and Outsource UK Ltd. Jay Harris gave a talk about mobile security - it wasn’t super technical, but it highlighted the fact that clearly security is still a bit of an afterthought, especially when it comes to mobile development - he cited examples of issues that crop up in mobile devices that were fixed in web apps (XSS vulnerabilities for example) long ago.

My Weird Path to Infosec - 2018-03-09 21:42:40

Written by Tim. My “Weird” Path to Infosec: This article was inspired in part by the growing number of people tweeting about their infosec journeys. As mine is a little long, I thought I would blog about it, rather than tweet. It is well established that I am reasonably old. Not massively old, just reasonably. Apparently, I am a member of a generation which is called the Xennials. I had an analogue childhood and now live in a digital time.

Eavesdropping on WiFi Baby Monitor - 2018-02-25 00:00:00

Written by Rob. Whilst analysing a number of free communication based applications on the Google Play Store, I took a look at WiFi Baby Monitor: Free & Lite (the free version of WiFi Baby Monitor). Although the premium version offered users the ability to specify a password to be used in the pairing process, the free version offered no such function. Monitoring the traffic using Wireshark during the pairing process revealed:

Disclosure Woes: Dealing With Non-Techies - 2018-02-02 00:00:00

Written by Rob. What I Am Writing About: Unlike most things I publish, this isn’t going to focus on how I came to find a vulnerability, but rather the problems I had trying to disclose it, and things that I could have approached better, in the hope it may help other people in the future if faced with being a small fish in a big pond which is trying to approach a larger organisation, who have few technical staff.

Man in the Middle attacks on mobile apps - 2018-02-01 17:17:29

Written by Jay. During most mobile application or IoT pen tests, it’s often a requirement to perform a man in the middle attack to view network traffic. Below are some approaches which work when it’s not possible to set a system proxy (or when a mobile application does not honour it). ARP Poisoning Pros/Cons. Pros: easy; redirects all traffic. Cons: active attack, can be detected; can be risky; device and laptop need to be on the same network.

SPF / DKIM / DMARC - Where to start - 2018-01-20 20:16:23

Written by Tim. SPF / DKIM / DMARC - Where to start: The alphabet soup from the title of this blog post are the DNS records you should have in place to help keep your domain from being abused by a spammer. Or worse, someone spreading malware. If you already have them in place, congratulations. Why are you reading this article? Move on to DNSSEC. Still here? Good. Since its creation, email has never had security in mind.

The injected coinhive iframe - a quick look - 2018-01-15 19:55:50

Hi everyone, this is my first blog post so I thought I’d introduce myself: My name’s Brett, I’m currently a security engineer for an MSP where a portion of my job (as well as being a member of the SOC) is to look after and make sure the abuse queue is dealt with and ensure that the abuse of our services is kept to a minimum. I’m writing this blog post up because I do see this type of compromise a lot and I thought I would share my experiences in how I’ve seen it occurring in the wild in the hope that it will help threat hunters and other similar roles in discovering and dealing with such compromises and the kind of simple IOCs and data points to look for!