Renewing KeyBase and GnuPG Keys

5 minute read Jan 18, 2020 Comments
Every year or two, my GnuPG keys expire on KeyBase and in various key servers. Every time, I forget the process, and have to re-learn it. This post serves as a reminder to myself, or anyone else trying to do the same thing. It’s trivially easy, and there are GUI applications which can do it for you, but I went with this solution, since everyone should be able to do it.

Cricut Payment Bypass Vulnerability

5 minute read May 10, 2019 Comments
Last year during Black Friday, I bought a Cricut Explore Air 2 to make custom stickers, tshirts, and what not. Due to the fact that I like 3D printing and other CNC devices, it seemed right up my alley. Being the security enthusiast that I am, I couldn’t help but look at their site as it was in my browser. What I found was surprising. Background Cricut is a brand of home die-cutting machines.

Compiling SSLScan with SSLv2 support on OSX

3 minute read Dec 17, 2014 Comments
SSLScan is a tool that I often use when validating SSL findings on penetration tests. I had recently seen a new version come out, with color highlighting and more fanciness, but wanted it for OSX. When I tried to compile it, I noticed that it did not support SSLv2, which is something I often screenshot, so I dived into getting it all working. This guide will outline how to compile the newer versions of SSLScan with color highlighting, on OSX while retaining SSLv2 capabilities.

Burp Icon in OSX

4 minute read Aug 1, 2014 Comments
Recently, I on a Google Hangout with a coworker and saw him using the Burp Suite. I noticed that he opened a text file containing the command to run burp with extra memory, so he could remember the shell command easily. I personally just ran the burp jar file by double-clicking the jar file. The only exception was when I did need that extra memory. In that situation, I had to look up the arguments on Google.

Backdoor Modules for Netgear, Linksys, and Other Routers

11 minute read Jan 13, 2014 Comments
A week or so ago, I read the news of a new backdoor on several devices, including those made by Belkin, Cisco, NetGear, Linksys, and several others. A list of what seems to be affected devices can be found here. Eloi Vanderbeken, who posted his findings on GitHub made the original discovery. He also wrote a useful python proof-of-concept exploit, which allowed command injection, but I wanted Metasploit integration.

Brainpan2

17 minute read Nov 20, 2013 Comments
Over on #vulnhub, there has been quite a chatter about Brainpan2, a “sequel” to Brainpan, by superkojiman. They’re even offering a 50 GBP award to whoever submits the best write-up! Since I enjoy challenges like this, I took a look at the machine. However, the writeup had to wait until the contest was complete, so that people didn’t cheat to win. The trolling, it begins early… I imported the VM into VMWare Fusion, and started finding the host.

Canon, Y U NO Security?

6 minute read Jun 18, 2013 Comments
I recently bought a new printer at home, so my wife could print coupons without manually attaching to my office printer each time (Thanks coupons.com and all the other shady sites that require spyware-like software to print coupons, and often don’t support network printers). I ended up picking up a Canon MX922. It works awesome for her, and is connected over WiFi, so any device in the house can print to it.

Sysax Multi Server 6.10 SSH DoS

6 minute read Apr 8, 2013 Comments
I was recently fuzzing a bunch of SSH servers, hoping to find some remote code execution in a non-mainstream server. I ended up finding no code execution in the several that I tried, but I did find one pre-auth denial of service in Syax Multi Server 6.10. Try this at home! The vulnerable version can be downloaded here for anyone that would like to duplicate the DoS conditions. Understanding the Key Exchange I found that during the key exchange, where the SSH client and SSH server negotiate which ciphers to use, if you messed up just a single specific byte, the server would crash.
Page 1 of 10 1 2 3 4 5 6 7 8