Training

During the DeepSec event, we gave our Mobile Hacking training (this training was also given at Hack In Paris). It presented the toolset needed when assessing mobile applications (such as adb, Apktool, Jadx, Androguard, Cycript, Frida, Needle and MobSF) as well as techniques to help you work faster and more efficiently in the mobile ecosystem. This 2-day training focused on Android and iOS applications.
Abstract

During an engagement for a client, RandoriSec found 2 vulnerabilities in Moxa EDR-810 Series Secure Routers. The first is a command injection vulnerability in the CLI that allows an authenticated user to obtain root privileges. The other is an improper access control issue in the web server that allows log files to be retrieved. As usual, we reported those issues directly to Moxa and ICS-CERT (Industrial Control Systems Cyber Emergency Response Team) in order to “responsibly disclose” them.
RandoriSec was at Hack In Paris 2019 and it was wonderful! This 9th edition took place at Maison de la Chimie in Paris (of course ;)). The event was divided into two parts: June 16th to 18th, 3 days of training on 13 different subjects (IoT, ICS, Windows exploitation, Web and mobile hacking, etc.); and June 19th to 20th, 2 days of talks with a single track.
We wrote an article on free and open-source tools for web application penetration testing, which was published in special issue no. 97 of Linux Magazine on “Les bonnes pratiques du développement sécurisé” (secure development best practices), released last summer. The magazine has in fact just been reissued. We had opted for a CC license in order to make the article available to everyone as soon as the copyright expired. It's done!
Dirk-jan Mollema, a pentester working for Fox-IT, found a very clever attack allowing any user who owns an Exchange mailbox to obtain Domain Admin privileges. The attack was unveiled last week, strangely without a lot of media coverage (but things seem to be changing: the daily blog post of the SANS ISC covered the subject yesterday). As there is still no fix (think software patch to install) from Microsoft, the term “0day” is being used.
Guillaume Lopes (@Guillaume_Lopes) and Davy Douhine (@ddouhine), senior pentesters, will share many techniques, tips and tricks with pentesters, bug bounty researchers and the merely curious in a 100% hands-on 2-day mobile training. The goal is to introduce tools (Adb, Apktool, Jadx, Cycript, Frida, Hopper, Needle, etc.) and techniques to help you work faster and more efficiently in the mobile (Android and iOS) ecosystem. This is the exact training that you would have liked to have before wasting your precious time trying and failing while testing.
Client side validation

Client-side validation is a common weakness found during penetration tests and security audits performed by RandoriSec. Because the client side is by definition… on the user side, it can be altered by the user, and sometimes this can be done quite easily.

Netflix Parental Control PIN

A few months ago we figured out that the Netflix parental control PIN was very easy to bypass: Hey kids !
Abstract

A few weeks ago we came across high-end IP cameras made by Geutebruck, a “leading German manufacturer and developer of high-quality, intelligent video security solutions”, and found an RCE affecting version 18.104.22.168 and prior versions of E2 series IP cameras. In fact, it is the third time we have found an RCE on this product line: one in 2016, another one in 2017 and now a new one in 2018.
We are very happy to announce that the “iOS Mobile Application Hacking” training will be given in French in Québec, Canada, for the 10th edition of the Hackfest conference! The conference, which is the largest hacking event in Canada and brings together more than 900 information security enthusiasts, will take place on November 2 and 3, 2018 and will be preceded by 3 days dedicated to training. RandoriSec will have the pleasure of delivering the “iOS Mobile Application Hacking” training for the first time at a conference.
RandoriSec was at the Amsterdam 2018 edition of Hack In The Box and… IT WAS A BLAST! It has been over a month, and many tweets, write-ups and even the full slides (https://conference.hitb.org/hitbsecconf2018ams/materials/) have been published, so we won’t cover details here, but we just wanted to say a few words about it. The agenda was great, with two main conference tracks, one dedicated track for the labs and one additional track, free and open to the public: