Frank Breedijk

HitB2012AMS: Whistling Over the Wire

Not getting Involved – A CC NC image by Tarik Browne
By Arnauld Mascret (Security Researcher, Sogeti / ESEC)

Arnauld is part of the Sogeti Red Team, whose mission is to test the security of companies without pre-defined perimeters.

For the intelligence phase of these tests he often uses Facebook, because it is easy to do. Twitter is different from Facebook because:

HitB2012AMS: Killing a Bug Bounty Program – TWICE

Oops! – A CC image by Neal.
By Itzhak ‘zuk’ Avraham (Founder, zimperium) & Nir Goldshlager (Senior Researcher, zimperium)

If you are trying to find bugs in standard services with standard tools, you will not be able to succeed, because somebody else probably did it before you. This talk is about how to find the bugs other people did not find before you.

There are several bug bounty programs:

1995 – Netscape
2004 – Firefox
2005 – ZDI
2007 – Pwn2Own
2010 – Google
2011 – Facebook

HitB2012Ams: WinRT: The Metropolitan Museum of Security

Curre guagliò! Run, baby! a CC SA image by foodriver
By Sebastien Renaud (Senior Security Researcher, Quarkslab) & Kevin Szkudlapski (Junior Security Researcher, Quarkslab)

Windows 8

The researchers tried to find out what was new in Windows 8 vs. Windows 7:

New kernel function: NtCreateLowBoxToken
New user interface: Metro interface
WinRT is a new backbone for Metro apps and has a new programming model

Metro Applications

What are the key points of these new Metro applications:

Distributed only via the Windows

Black Hat EU : The Pwnage Saga Continues

Lego - A CC NC ND image
By Nikhil Mittal

Nikhil has written a tool called Kautilya, which uses Teensy, a programmable USB development board, to mimic a keyboard. The good (or bad) thing about mimicking a HID (Human Interface Device) is that HID devices are explicitly trusted by most modern operating systems. Kautilya is a tool that makes the use of Teensy in penetration tests easy.

Teensy is a small board and thus it can be disguised as a USB toy, lost USB stick or something else clever and left in e.g.

Black Hat EU : Hacking XPath 2.0

Jeni sells us XPath - CC image
By Sumit Siddharth & Tom Forbes

XPath is a language to query XML data. Sometimes XPath is used to query the backend data of web applications instead of a database. XPath injection is a vulnerability that can be compared to SQL injection. An attacker can inject something that has an XPath 'meaning' into the string (e.g. ' or '1=1) and get different results than the designer of the application intended.

Sumit and Tom show different examples of these injections.

Black Hat EU : Beyond scanning : Automated Web Application Scanning

Blackhead Persian - A CC image
By Stephen de Vries

Security testing is the black sheep of application testing. Developers often run unit tests and integration tests, but security tests are often postponed to the end of the lifecycle.

How can we make security testing like unit and integration testing?

Stephen starts by showing us how a "normal" integration test works with Selenium, using a functional test for a login page.

Functional tests can be integrated into continuous integration platforms like e.g.

Black Hat EU : HDMI : Hacking Displays Made Interesting

By Andy Davis

Andy became interested in hacking HDMI when he was checking USB security on the BlackBerry PlayBook.

When investigating the HDMI port further, he found out that HDMI does not only provide video out and audio out, but also provides EDID to send information to and from the device.

Video standards have a long history dating back to the 1970s.

Does XKCD or Jason Kendall get "it"?

This post is a reply to this blog post by Jason Kendall.

It all started with this cartoon:

This cartoon basically started a hype about how XKCD was getting “it”. Jason posted a blog post stating that he did not agree with XKCD since:

While four words in theory have 44 bits of entropy (2^44), it is actually 250,000 to the power of 4 (250,000^4) since English only has about 250,000 words
Most people actually would use three words, giving 15,625,000,000,000,000 combinations