Recently, I found an interesting issue qualifying on Yahoo! Pipes. But before going into the details of this specific issue, let’s understand some basic points. What does Authorization mean? In general, authorization relates to the set of activities which a user can perform once logged on to a particular system. This is typically divided into […]

Couple of days back, I reported XSS and Content Spoofing on LinkedIn. Here are the details of the issues. Cross Site Scripting: What is Cross Site Scripting? XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session […]

Objectives of IT legislation in India The Government of India enacted its Information Technology Act 2000 with the objectives stating officially as: “to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to […]

During a routine penetration testing engagement, we found an IIS webserver with HTTP methods (verbs) like PUT and DELETE enabled on it. During enumeration of the web server we figured it was configured to run PHP as well. The PUT method allows an attacker to place a file on the server. Uploading a web shell […]

Scenario: One of our clients observed a suspicious behavior in a program and wanted us to analyze and identify if any malicious activities were being performed by the same. The program wasn’t detected by their anti-virus solution during ‘file access operations’. However, some unusual outbound network traffic triggered alerts from the network monitoring team. Filename […]

Heartbleed Advisory & FAQ Please find below a quick FAQ on the Heartbleed vulnerability and what you can to address it: UPDATE June 5, 2014: 7 New bugs fixed in OpenSSL Q. What is the Heartbleed vulnerability and what is its impact? The Heartbleed bug allows anyone on the Internet to read the memory of […]

Introduction Android is an open source operating system based on the Linux kernel, initially developed by Android Inc., which Google bought in 2005. Initially, Android was developed to support touch screen devices like smartphones. These devices support different types of screen locks, like swipe lock, PIN lock, pattern lock, gesture lock, facial lock, etc. Swipe […]

Most large organizations provide wireless facilities for their guest, which may include vendors, consultants, business associates, employees from other regions etc. Certain points should be considered while implementing a guest wireless network. Encryption in use Captive Portals or Guest Authentication Network Segregation Finding the SSID of a Hidden wireless network To simplify the connectivity for […]

SQL injection – one of the most critical vulnerabilities till now – is still included in the OWASP Top 10 list’s Injection flaws section. SQLMap is a tool that helps penetration testers prove that SQL injection is one the most critical vulnerabilities present in enterprise security. ‘SQLMap’is a simple python based tool to exploit SQL […]

Browser Reconnaissance and Ex-filtration via Adaptive Compression of Hypertext (BREACH) Attack: Previously we learnt how CRIME attacks SSL/TLS using SSL/TLS compression. Now we look at a more recent attack called the BREACH attack. BREACH attack is quite similar to CRIME attack with subtle differences. This attack also leverages compression to extract data from a SSL/TLS […]