Musings on Information Security

Interesting Reads - Week 12 / 2013

2013-03-23T15:56:00.000+01:00

Interesting Reads - Week 12 / 2013 Binary Instrumentation for Exploit Analysis Purposes (part 1) Binary Instrumentation for Exploit Analysis Purposes (part 2) Using the PIN instrumentalisation framework to analyse exploits Randomly failed!...

Read more....

SSL Audit v.08 released

2013-03-03T21:32:00.004+01:00

I have updated my little TLS/SSL Scanner called "SSL Audit" to version 0.8. I tweaked it slightly but the tool is still based on it's own rudimentary SSL Engine and hence is not limited by the number of ciphersuites and protocols available to...

Read more....

OWASP BeNeLux 2012 - Invitation

2012-11-19T22:22:00.000+01:00

I would like to invite you to this years OWASP BeNeLux Event, I won't give a talk this year but I happily invite you as part of OWASP BeNeLux Program Committee: Quick Facts Date : 29-30 Novembre Location: Leuven (Belgium) Price :...

Read more....

Mistakes made in Incident Response

2012-08-05T19:40:00.000+02:00

[ Updated : Added "10 Common Mistakes of Incident Responders" at the bottom] The following post will brake one major rule I adhere to when blogging, a post shall have not more than 10% of content that is not authored by myself. The...

Read more....

What you need to know about the vulnerabilities in MSCHAPv2

2012-08-04T16:44:00.000+02:00

A post within the "straight to the meat" category : There was a talk at Defcon 20 entitled "Defeating PPTP VPNs and WPA2 Enterprise with MS-CHAPv2", by Moxie and David Hulton - the talk announced the implementation of a tool that reduced the...

Read more....

BTcrack OSS 1.01 - Updated release

2012-07-02T22:15:00.001+02:00

I updated BTCrack Open Source Edition (BTCrack OSS) to version 1.01 by patching 2 bugs that were reported by Michael Ossmann and Carl Dunhamm. Description The primary goal of BTcrack is to crack/recover the PIN and reconstruct...

Read more....

Storing password securely - hashses, salts and bit stretching put into context

2012-06-09T15:00:00.001+02:00

Introduction Due to the latest row of high profile websites being compromised and parts of the password hashes being published here's a quick crash course on storing passwords "securely", for those that want a quick heads up. In this case I'd define...

Read more....

Interesting Reads of the Week - Week 22

2012-06-02T14:50:00.000+02:00

My Reads The Vulnerabilities Market and the Future of Security Bruce Schneier comments on the evolution of the Vulnerability Market and it's implications, the essay is surprisingly good supplement to the presentation I gave at OWASP on the...

Read more....

Updates and Notable comments :

2012-05-17T13:23:00.001+02:00

Updated Posts : The Post "Attacker Classes and Pyramid " has been updated to the third iteration. The post was updated in terms of coherency but I also added my OWASP BENELUX presentation entitled "The Rise of the Vulnerability Markets - History,...

Read more....

PCI Compliance, Security in isolated System and Parking Tellers (2nd)

2012-05-05T15:47:00.001+02:00

Following up on my blog post a few months ago entitled "PCI compliance, Security in isolated systems and Parking Tellers Part 1" - I took a brief look the other day at another Ticket issued by a Parking Teller in Luxembourg. Updated : Clarified...

Read more....

CVSS - Common Vulnerability Scoring System - a critique [ Part1 ]

2012-03-24T14:51:00.000+01:00

Ever since I started my career in information security I was both interested and intrigued by metrics applied to vulnerabilities (or metrics in general for that matter). CVSS is certainly not new and I had to make the choice whether...

Read more....

"SSL Audit" - Updated release (SSL/TLS Scanner)

2011-12-27T16:02:00.003+01:00

Preamble : During my research on TLS/SSL Compatibility across different Operation Systems and Browsers I created supporting tools for myself and later decided to release them for the public. "SSL Audit" remotely scans web servers for SSL...

Read more....

Final - SSL/TLS renegotiation explained (CVE-2009-3555)

2011-12-23T13:19:00.000+01:00

Final release for my paper explaining the different attack vectors and impacts for (CVE-2009-3555) "TLS / SSL renegotiation vulnerability". Added comments and corrections by Alun Jones (Who I hereby thank for his time) Changed FTPS...

Read more....

PCI compliance, Security in isolated systems and Parking Tellers (Part1)

2011-12-06T20:13:00.001+01:00

A colleague of mine spotted the below while doing expenses - The photograph below shows two separate receipts from two parking buildings that are not far away from each other in central Luxembourg (est. 1km). Both were paid by credit card / debit...

Read more....

Blog cleanup

2011-11-01T13:57:00.002+01:00

As some regulars might have noticed I restructed this blog a bit trying to get rid of some clutter. At the same time I updated a few specific pages I wanted to point out : Vulnerability Coordination Policy ( More backround on the "why" ) About Me...

Read more....

THC SSL DoS - vs - Per Design

2011-10-26T20:41:00.001+02:00

Since this is a rather old topic with both sides having valid points I will keep this post short and sweet. I have had no time to measure of investigate in depth and I don't think I will find any. Both have understandable view points, so let's...

Read more....

Attacker Classes and Pyramid (Version 3)

2011-10-18T20:20:00.001+02:00

This is a living blog post I will update whenever I have time and new ideas. TOC Introduction Updates Attacker Classes Attacker Pyramid Q&A Introduction The other day I was brainstorming further on the attacker classes I came up with...

Read more....

The BEAST summary - TLS, CBC, Countermeasures (Update 4)

2011-09-26T16:18:00.000+02:00

Lots of good information floating on the internet on the Proof of Concept (dubbed 'BEAST) against TLS 1.0 by Juliano Rizzo and Thai Duong at the Ekoparty. This blog post will be continuously updated as new items and possible mitigation...

Read more....

TLS/SSL hardening and compatibility Report 2011

2011-09-20T17:21:00.003+02:00

This is a cross post from the G-SEC blog My professional and private commitments made it difficult to maintain a healthy blogging style, I am trying to get back to some blogging on a more regular basis. Quick Update: G-SEC does no...

Read more....

What did PHP crypt() and Alzheimer have in common ?

2011-08-23T20:47:00.000+02:00

I stumbled across this weird PHP bug in the crypt() implementation (version 5.3.7RC5) [1] The bug reporter states that : "If crypt() is executed with MD5 salts, the return value consists of the salt only." In other words the call...

Read more....

Tools, Whitepapers, Talks

2011-08-01T22:20:00.000+02:00

Talks / Lectures During my career I had the opportunity to present my thoughts and views on Information Security to numerous people and organizations, below is a list of conferences I had the pleasure to present at. 2006 Luxembourg...

Read more....

CVE-2010-x+n - Loadlibrary/Getprocaddress roars its evil head in 2010

2010-08-22T23:33:00.015+02:00

Subscribe to the RSS feed in case you are interested in updates After Acrossecurity, published an interesting vulnerability and HDmoore appears to have stumbled on the same issue, I decided to investigate on my own. I am not 100% sure it's the...

Read more....

CVE-2010-2568 - LNK Code execution - Proof of concept (Update)

2010-07-18T15:14:00.001+02:00

Subscribe to the RSS feed in case you are interested in updates Ivanlef0u released a POC for the exploit used in targeted attacks :http://ivanlef0u.nibbles.fr/repo/suckme.rar More information :ISC SANS USCERT 940193 Microsoft...

Read more....