Stay up-to-date with the latest news and updates by subscribing to our RSS feed!
Try Harder – stay up-to-date with the latest Offensive Security news and Kali updates by subscribing to our RSS feed!
After discussing the recent Yahoo DOM XSS with Shahin from Abysssec.com, it was discovered that Yahoo’s fix is not effective as one would hope. According to Yahoo, this issue was fixed at 6:20 PM EST, Jan 7th, 2013. With little modification to the original proof of concept code written by Abysssec, it is still possible to exploit the original Yahoo vulnerability, allowing an attacker to completely take over a victim’s account. The victim has to be lured to click a link which contains malicious XSS code for the attack to succeed. This can demonstrated by the video we have created just this morning (Jan 8th, 2013) after Shahin kindly shared proof of concept code with us.
On a recent penetration test, we encountered an installation of CA ARCserve Backup on one of the target systems that piqued our interest. Like most “good” enterprise applications, ARCserve has processes that are running as SYSTEM so naturally, we went straight to work looking for vulnerabilities.
Join us for a mind-blowing experience in a city known for its dynamic history and contemporary design, Vienna, Austria. For the first time in Europe we are holding our most intense live training course, Advanced Windows Exploitation (AWE). Be prepared to be challenged beyond your limits!
On one of our engagements, we figured an Onity Hotel door unlocker would be useful to us. Inspired by the James bond type setup we saw on the Spiderlabs blog post, we thought we’de try to build a small, simple and “TSA friendly” version of the Onity key unlocker. Pro Tip: Connecting a 9v battery with the wrong polarity to an Arduino Mini Pro will make pretty sparks.
Continuing off from our last RFID Cloning with Proxmark3 post, we wanted to build a small, portable, stand-alone EM4x RFID tag stealer. We needed an easy way of storing multiple tag IDs whilst “rubbing elbows” with company personnel. The proxmark3 seemed liked an overkill and not particularly fast at reading em4x tags so we figured we’d try hooking up our RoboticsConnection RFID reader to a Teensy and see if we could make them play nicely together.