Compass Security Blog

Offensive Defense

Month: March 2012

March Hacking-Lab News 2012

What’s new with Hacking-Lab? 1) New LiveCD Please note, we have uploaded the new Hacking-Lab LiveCD v5.83 to * http://media.hacking-lab.com/largefiles/livecd/ 2) New Video Tutorial Watch this short tutorial and learn how to use multiple firefox profiles with your new LiveCD * http://media.hacking-lab.com/movies/multiple-firefox-browsers/ 3) OWASP AppSec EU OWASP rocks!!! Join the University Challenge in Athens this […]

Continue reading

Next Beer-Talk in June 7th, 2012

Hi all, Don’t miss our tech/geek research talk series; mark the next Beer-Talk that will be held next June 7th, 2012 in Jona Switzerland in your agenda. As we have multiple research topics you can choose, please mark your favorite in the survey below: Survey – http://www.csnc.ch/de/calendar/NextBeerTalk/ Did you miss the last Beer-Talk about Advanced […]

Continue reading

OWASP Apache Struts2 Security Challenge in Hacking-Lab

Hi all, As you might know, Hacking-Lab is providing free OWASP TOP 10 hands-on challenges to the OWASP community. This is an inner service of GEC (Global Education Commitee) and as part of the Academy Portal project. Vulnerabilities within used frameworks and libraries, like the Apache Struts vulnerability do not have a prominent place with […]

Continue reading

Reversing in God Mode

Fridays, I was approaching a win32 reversing challenge. So I transferred the binary into my Windows XP virtual box and fired-up OllyDbg. The goal was to bypass the username and password prompt that occurred on application startup. Hilariously, I was just providing a dummy name and password to the app…. “asdf” “asdf” as probably most […]

Continue reading