Compass Security Blog

Offensive Defense

Page 2 of 15

Write-up: The Great Continuation

This challenge was web based and contained a mix of XSS, CSRF and CSP bypass. We were given two web pages, admin. and bot.control.insomni.hack, and challenged to break into the administration panel to take the control of the bots. The admin page had a login form containing an obvious reflected Cross-Site Scripting (XSS). However, it […]

Continue reading

Write-up: Who’s your daddy?

At this years Insomni’hack there was a fun Recon / OSINT challenge with the name “Who’s your daddy?”. A login page was presented to the participant, who had to try to reset the password of the page owner. On the login page the user was able to: Login with username / password Insert a username […]

Continue reading

Write-up: Smarttomcat2

Following the Insomni’hack 2017 teaser where the Smarttomcat1 challenge was available, a second version of the same challenge was proposed. Good write-ups for Smarttomcat1 may be found at https://ctftime.org/task/3308. To quickly summarize, one had to abuse a search function to access a tomcat manager page with default credentials. The challenge looked very similar, when performing a […]

Continue reading

Write-up: Secr3tMgr

One challenge at Insomni’hack CTF this year was about memory forensics on Android devices. The challenge provided a memory dump of an Android device along with the task to retrieve some encrypted information from it. Besides the memory dump, two additional files (module.dwarf and System.map) were provided: The first tool that comes to mind when […]

Continue reading

SharePoint: Collaboration vs. XSS

SharePoint is a very popular browser-based collaboration and content management platform. Due to its high complexity, proprietary technology and confusing terminology it is often perceived as a black-box that IT and security professionals do not feel very comfortable with. These days, web security topics are well understood by many security professionals, penetration testers and vendors. But what […]

Continue reading

SharePoint: How to collaborate with external parties?

Opening up an internal SharePoint farm to the Internet in order to share resources with external parties might seem a good idea, because it helps avoiding expensive infrastructure changes. However, in terms of security, this is not recommended because it does not sufficiently protect internal resources from external threats. The protection of internal resources hinges […]

Continue reading

Wrap-up: Hack-Lab 2017#2

What is a Hack-Lab? Compass Security provides a monthly playful occasion for the security analysts to get-together and try to hack new devices, dive into current technologies and share their skills with their fellows. This also includes the improvement of internal tools, the research of newly identified publicly known attacks, and security analysis of hardware […]

Continue reading

Hacking-Lab @ CodeMash 2017

What is CodeMash? CodeMash is a conference for software developers and IT security professionals. It takes place every year in Sandusky, Ohio, in the U.S. The event consists of two parts: two days of training sessions (called “PreCompiler”), followed by two days of conference with sessions. It attracts about 3’000 visitors and takes place in […]

Continue reading

How to reduce the threat from third-party includes

To achieve better-looking, more feature-rich and responsive applications, there is an ever-growing need to include resources from 3rd party domains into your web application. Common examples are JavaScript frameworks like jQuery or AngularJS, often distributed via a content delivery network (CDN), or even complete applications like Google Maps. But by including these resources, the security […]

Continue reading

Wrap-up: Hack-Lab 2017#1

What is a Hack-Lab? Compass Security provides a monthly playful occasion for the security analysts to get-together and try to hack new devices, dive into current technologies and share their skills with their fellows. This also includes the improvement of internal tools, the research of newly identified publicly known attacks, and security analysis of hardware […]

Continue reading

« Older posts Newer posts »