March Hacking-Lab News 2012

What’s new with Hacking-Lab?

1) New LiveCD
Please note, we have uploaded the new Hacking-Lab LiveCD v5.83 to
* http://media.hacking-lab.com/largefiles/livecd/

2) New Video Tutorial
Watch this short tutorial and learn how to use multiple Firefox profiles with your new LiveCD
* http://media.hacking-lab.com/movies/multiple-firefox-browsers/

3) OWASP AppSec EU
OWASP rocks!!! Join the University Challenge in Athens this year and test your security skills in the University Challenge discipline provided by Hacking-Lab.
* http://www.appsecresearch.org

4) Hacking-Lab Magazine
The first release 0x01 will be released within the next 7 days!!! Register a Hacking-Lab account and make sure you receive a copy.

5) IRC service in vulnerable server network
For a couple of days now, we have had an IRC service up and running within the vulnerable server network. Please join #hackinglab once you are connected via VPN. (chat.hacking-lab.com)
* TUTORIAL VIDEO HERE: http://media.hacking-lab.com/movies/chat/

That’s it. Have a safe day
Ivan Buetler

 

Next Beer-Talk on June 7th, 2012

Hi all,

Don’t miss our tech/geek research talk series; mark the next Beer-Talk, which will be held on June 7th, 2012 in Jona, Switzerland, in your agenda. As there are multiple research topics to choose from, please mark your favorite in the survey below:

Survey: http://www.csnc.ch/de/calendar/NextBeerTalk/

Did you miss the last Beer-Talk about Advanced Web Security by Philipp Oesch? Don’t worry; get the PDF from here: FileBox DownloadLink

Do you feel like gambling/testing with the Apache Struts2 vulnerability by yourself? Join the free Hacking-Lab event here: Hacking Challenge in Hacking-Lab

Watch this Apache Struts2 intro movie to get familiar with the issue shown
* http://media.hacking-lab.com/movies/struts2/

Take Care
Ivan Buetler
ivan.buetler@csnc.ch

 

OWASP Apache Struts2 Security Challenge in Hacking-Lab

Hi all,

As you might know, Hacking-Lab is providing free OWASP TOP 10 hands-on challenges to the OWASP community. This is an inner service of the GEC (Global Education Committee) and part of the Academy Portal project.

Vulnerabilities within used frameworks and libraries, like the Apache Struts vulnerability, do not have a prominent place in the OWASP TOP 10 list, but they are very important because of their remote code execution characteristic. Hacking-Lab has written a vulnerable Apache Struts service and a tutorial video. Check it out.

I think it is important to discuss library and dependency risks.

Please watch the tutorial here:
* http://media.hacking-lab.com/movies/struts2/

Please read more about the Apache vulnerability here:
* http://struts.apache.org/2.x/docs/s2-009.html

Please try it out, mess around in Hacking-Lab (if you like, it’s free!)
* https://www.hacking-lab.com/events/registerform.html?eventid=199

Looking forward to hearing from you
Ivan Buetler, Switzerland

Reversing in God Mode

On Friday, I was approaching a win32 reversing challenge. So I transferred the binary into my Windows XP virtual box and fired up OllyDbg. The goal was to bypass the username and password prompt that occurred on application startup. Hilariously, I was just providing a dummy name and password to the app… “asdf” “asdf”, as most penetration testers have probably done over and over to test logon prompt behavior.

BANG… the app is telling me: “Correct, le clef est Le saucisson vaudois ca rapicole.!”

The force was with me and actually, only Chuck Norris could have topped that :). Was I in god mode? Probably not. Later analysis just revealed that the application required the password to be equal to the username and had some minimal restrictions on the credentials length.

All in all, a 30-second exercise.

Lessons learned:
– Implement strong password policies
– Give it a try before you hurry to launch Olly.