In diesem Artikel wird aufgezeigt, wie einfach das per Funk ausgestrahlte DCF77 Zeitsignal manipuliert werden kann. DCF77 wird in vielen Bereichen eingesetzt in denen eine genaue Uhrzeit benötigt wird: Von der einfachen Armbanduhr bis zur Industrieanlage. Was ist DCF77 In Europa existiert seit 1959 der Zeit Sender DCF77. Der Sender verfügt über eine Reichweite von 2000km […]
For the second part of our report about Black Hat USA 2015, we decided to change topic, and switch from web application security to two hot topics nowadays: Security in Internet of Things and mobile security. We encourage you not only to read this summary but also to go online and take a closer look […]
Black Hat USA is the most famous IT security conference in the world that every year congregate thousands of security experts and interested to Las Vegas. For its 18th year the conference took place in the glamorous Mandalay Bay Conference Center in Las Vegas. And as every year, two security analysts of Compass Security have […]
As in past years, Compass Security will participate in the upcoming CyberSec Conference in Yverdon-les-Bains (formerly Application Security Forum – Western Switzerland). This year, we will contribute in two events: First, Antoine Neuenschwander and Alexandre Herzog will conduct a day long training session on Tuesday, November 3rd. Participants will be able to exercise their skills […]
Update – 13.10.2015: Netgear published a new firmware (version 1.1.0.32) which fixes the reported authentication bypass. My most recently appointed colleague, Daniel Haake, described in the previous blog article “Authentication Bypass in Netgear WNR1000v4 Router” how he found an authentication bypass in commonly used Netgear firmwares. Due to the rediscovery of the issue and its […]
Three months ago I tested the web interface of the Netgear WNR1000v4 router for some typical vulnerabilities. When playing around with the application by forcefully calling different URLs in contexts it was not meant for, I got some strange, but interesting behaviour. I accessed different URLs and then switched back to the root web directory […]
Two months ago, we wrote about SAML Raider, a Burp extension which allows automating SAML attacks based on manipulations of the intercepted security assertion. Using this tool, we were able to identify a severe vulnerability in the service provider (SP) implementation of AdNovum‘s nevisAuth. The following conditions make exploitation possible: SAML POST-Binding is used, i.e. […]
During a SharePoint 2013 penetration test I performed last November, I noticed that a dynamically constructed JavaScript constantly fetched content or redirected me to the requested pages. Using a variation of the double-slash trick we exploited in the past, I misused this functionality in order to perform a DOM based open redirection attack. Every SharePoint […]
Ein Hintegrundartikel zur SRF Einstein Sendung vom Donnerstag, 3. September 2015 um 21:00 Uhr zum Thema “Cybercrime, wie sicher ist das Know-how der Schweiz”. (Trailer online) In diesem Artikel zeigen wir Ihnen die Vorgehensweisen von Angreifern auf, die versuchen unerlaubten Zugriff auf fremde Systeme zu erlangen — beispielsweise im Netzwerk eines KMUs. Schematisch sind diese Vorgehensweisen […]
Up to the iPhone 4, 4 digit passcodes could be brute-forced within a short amount of time – maximum 30 minutes, depending on the passcode. With the iPhone 4s, the Boot ROM vulnerability required to upload a custom RAM disk has been closed thus rendering newer phones immune to this attack. This is where the IP-Box […]
© 2025 Compass Security Blog