We show how to decrypt passwords from the configuration backup of a Xerox WorkCentre and how, during the reverse engineering, a command injection vulnerability was discovered (CVE-2021-27508).
We show how to decrypt passwords from the configuration backup of a Xerox WorkCentre and how, during the reverse engineering, a command injection vulnerability was discovered (CVE-2021-27508).
In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this vast landscape full of possibilities. While preparing the talk we had at BlackAlps (https://www.blackalps.ch) with […]
Similar to the previous challenge we were provided with an Excel spreadsheet (vba02-bitminer_4052500b4f2120d3d3ae458b339ec1f16e89e870.xls) that again contained macro code that would be executed when opening the document.
This challenge was about LDAP injection.
In this challenge we were given the source of a vulnerable PHP page and were tasked with the exploitation.
This year again a small delegation of Compass Security was present at Insomni’hack in Geneva. On the novelties this year, the workshops spanned over two days (Tuesday and Wednesday) and the conference followed the same direction (Thursday and Friday). There was also a new kind of CTF, labeled blue-team CTF, called Boss of the SOC. […]
The idea Some time ago I read a tweet about hunting so-called “sticky-keys backdoors”, referencing a presentation at DEFCON 24, https://www.youtube.com/watch?v=EAYtRQKfna0 In addition to the presentation, the team released a tool called “Sticky Keys Slayer” that is publicly available on GitHub, https://github.com/linuz/Sticky-Keys-Slayer/ The sticky-keys backdoor is using a simple trick. On a Windows system, it is possible […]
The BlackAlps 2017 security conference took place this week in Yverdon-les-Bains: https://www.blackalps.ch. A small delegation of Compass Security was here to present a web application security workshop and also take part in the Y-NOT-CTF. You’ll find below a write-up of the challenges we were able to solve. Fun : Beautiful Alps This was probably the […]
Following the Insomni’hack 2017 teaser where the Smarttomcat1 challenge was available, a second version of the same challenge was proposed. Good write-ups for Smarttomcat1 may be found at https://ctftime.org/task/3308. To quickly summarize, one had to abuse a search function to access a tomcat manager page with default credentials. The challenge looked very similar, when performing a […]
© 2024 Compass Security Blog