Posts List

Agile Web Security Automation

Agile Web Security Automation

Agile Web Security Automation Automation of application security scans are becoming very common these days. With the advent of devops security and appsec pipeline tools, it has made easy to manage, maintain and scale activities like job scheduling, report generalization from different tool, and SDL integration. Such pipelines once developed requires minimum intervention until the reports are ready and triage needs to be done after that only. In order to maintain a good balance of unique applications and result quality of scanners it is very import to run automations setup and their health check following agile methodolgy.

Exploiting CVE-2017-14385

Exploiting  CVE-2017-14385

Attack An issue was discovered in EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6; EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9; EMC Data Domain DD OS 6.1 family, versions prior to 6.1.0.21; EMC Data Domain Virtual Edition 2.0 family, all versions; EMC Data Domain Virtual Edition 3.0 family, versions prior to 3.0 SP2 Update 1; and EMC Data Domain Virtual Edition 3.1 family, versions prior to 3.

Embed powershell scripts in the pixels of png

Embed powershell scripts in the pixels of png

Attack Invoke-PSImage takes a PowerShell script and embeds the bytes of the script into the pixels of a PNG image. It generates a oneliner for executing either from file locally or from web. This script can be very handy while targetting an memory attack, moving payloads & compromising the system. Antivirus on which I tested failed to recognize the PNG as a malcious file. Exploit Malicious PNG Generation References: GitHub

Exploiting CVE-2017-16665

Exploiting CVE-2017-16665

Attack RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting (XSS) attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL. RemObjects Remoting SDK Clients are applications that talk to your servers, and Remoting SDK allows you to add client functionality to apps written in just about any modern programming tool, and for all current platforms: Cocoa developers can use our native Cocoa frameworks from Swift, Objective-C, Oxygene or RemObjects C#

Quadratic Blowup Attack

Quadratic Blowup Attack

Attack An XML quadratic blowup attack is similar to a Billion Laughs attack. Essentially, it exploits the use of entity expansion. Instead of deferring to the use of nested entities, it replicates one large entity using a couple thousand characters repeatedly. These attacks exists becasue applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed.

Bypass Cross Site Request Forgery Protection

Bypass Cross Site Request Forgery Protection

Attack Cross Site Request Forgery (CSRF) is an attack where a malicious entity tricks a victim into performing actions on behalf of the attacker. The impact of the attack would depend on the level of authorization that the victim who is being exploited is having into the system. The most popular implementation to prevent Cross-site Request Forgery (CSRF), is to make use of a nonce that is associated with a particular user and it’s current view model of the web page.