The Synology Improbability

Recently, my manager purchased a Synology NAS device for me to do some backups. Since quite a few people I know use this particular NAS (including myself now), I decided to do a quick audit on it before integrating it into my lab environment. In this blog post, I will cover two different vulnerabilities patched by Synology.

Read More

Auditing the Auditor

Some time ago, we noticed some security researchers looking for critical vulnerabilities affecting “security” based products (such as antivirus) that can have a damaging impact to enterprise and desktop users. Take a stroll through the Google Project Zero bug tracker to see what we mean.

Read More

Hacking WPA Enterprise with Kali Linux

Admittedly, somewhat of a click-bait blog post title – but bear with us, it’s for a good reason. Lots of work goes on behind the scenes of Kali Linux, tools get updated every day and interesting new features are added constantly. Most of these tool updates and feature additions go unannounced, and are then discovered by inquisitive users – however this time, we had to make an exception.

Read More

Kali Rolling ISO of DOOM, Too.

A while back we introduced the idea of Kali Linux Customization by demonstrating the Kali Linux ISO of Doom. Our scenario covered the installation of a custom Kali configuration which contained select tools required for a remote vulnerability assessment. The customised Kali ISO would undergo an unattended autoinstall in a remote client site, and automatically connect back to our OpenVPN server over TCP port 443. The OpenVPN connection would then bridge the remote and local networks, allowing us full “layer 3” access to the internal network from our remote location. The resulting custom ISO could then be sent to the client who would just pop it into a virtual machine template, and the whole setup would happen automagically with no intervention – as depicted in the image below.

Read More