242 matches found
Encryption 101: How to break encryption
Continuing on in our Encryption 101 series, where we gave a malware analyst's primer on encryption and demonstrated encryption techniques using ShiOne ransomware, we now look at what it takes to break an encryption. In order for something as powerful as encryption to break, there needs to be some...
How to try to predict the output of Micali-Schnorr Generator (MS-DRBG) knowing the factorization. Part II
See also Part I and Part III of this series tl;dr In the previous article of the same series we tried to predict the output of Micali-Schnorr Generator MS-DRBG knowing the factorization. In this blog post we continue the effort started in part I showing different strategies. If you want to skip a...
Hacking Slot Machines by Reverse-Engineering the Random Number Generators
Interesting story: The venture is built on Alex's talent for reverse engineering the algorithms -- known as pseudorandom number generators, or PRNGs -- that govern how slot machine games behave. Armed with this knowledge, he can predict when certain games are likeliest to spit out moneyinsight...
CVE-2017-9864
Summary of CVE-2017-9864 (SMA Solar Technology inverter/time setting issue) : An attacker can change the plant time on SMA Solar Technology inverters (notably Sunny Boy TLST-21/TL-21 and Sunny Tripower TL-10/TL-30) without authentication, causing the system time to shift. This can affect timestam...
The vulnerability of the Flash Player software platform, which allows attackers to compromise the confidentiality of information
The vulnerability of the Flash Player software platform’s random number generators is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of information...
OmniMetrix OmniView Vulnerabilities
OVERVIEW Bill Voltmer of Elation Technologies LLC has identified vulnerabilities in OmniMetrix’s OmniView web application. OmniMetrix has produced a new software version for its web interface that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCT...
[SECURITY] Fedora 25 Update: rubygem-railties-5.0.0.1-2.fc25
Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: handles all the bootstrapping process for a Rails application; manager rails command line interface; provides Rails generators core;...
Silver Stripe CMS: source code security analysis report
Several vulnerabilities were discovered in SilverStripe Limited 'Silver Stripe CMS' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Incorrect Newlin...
DokuWiki: source code security analysis report
Several vulnerabilities were discovered in DokuWiki Community 'DokuWiki' software: Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in Cryptography Incorrect User Input Filtration when Generating Code on the Fly...
Swagger Vulnerability Leads to Arbitrary Code Injection
An unexpected behavior in a relatively new and popular open source API framework called Swagger could lead to code execution, researchers at Rapid7 said. The company today disclosed some details on the vulnerability, and released a Metasploit exploit module and a proposed patch written by...
LogicalDoc Document Managment System CE: source code security analysis report
Several vulnerabilities were discovered in LogicalDOC 'LogicalDoc Document Managment System CE' software: Утечка пользовательских данных между сессиями Использование XSL трансформации для исполнения произвольного кода Отсутствие верификации цифровой подписи исполняемых файлов, полученных из...
CMSimple CMS: source code security analysis report
Several vulnerabilities were discovered in CMSimple 'CMSimple CMS' software: File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Global Variables Using Insufficiently Random Generators in Cryptography HttpOnly...
Allfresco Community Edition: source code security analysis report
Several vulnerabilities were discovered in Alfresco Software 'Allfresco Community Edition' software: Утечка пользовательских данных между сессиями Использование XSL трансформации для исполнения произвольного кода Использование метода finalize Отсутствие верификации цифровой подписи исполняемых...
Joomla!: source code security analysis report
Several vulnerabilities were discovered in Open Source Matters, Inc. 'Joomla!' software: Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in Cryptography Incorrect Permissions for External Entities During XML...
IBM Patches Predictable Output Problem in SecureRandom PRNG
Details have surfaced on a recently patched vulnerability in IBM’s SecureRandom pseudo-random number generator that could allow an attacker to predict its output. Only the default SecureRandom implementation in the IBM Java Cryptography Extension JCE framework is vulnerable; IBM recommends that...
NIST removes Dual EC DRBG from SP 800-90A
The maligned Dual EC DRBG random number generator at the core of a $10 million secret contract between RSA Security and the National Security Agency has been removed from NIST’s draft guidance on random number generators. The National Institute for Standards and Technology said it will request...
Cryptanalysis Remains for TrueCrypt Audit
Phase two of the TrueCrypt audit figures to be a labor-intensive, largely manual cryptanalysis, according to the two experts behind the Open Crypto Audit Project OCAP. Matthew Green, crypto expert and professor at Johns Hopkins University, said a small team of experts will have to, by hand, exami...
TrueCrypt is Secure; Encryption Tool cleared the First Phase of Security Audit
Is TrueCrypt Audited Yet? Yes, In Part! One of the world's most-used open source file encryption software trusted by tens of millions of users - TrueCrypt is being audited by a team of experts to assess if it could be easily exploited and cracked. Hopefully it has cleared the first phase of the...
ES7 async functions
They're brilliant. They're brilliant and I want laws changed so I can marry them. Update: This feature is now shipping in browsers. I've written a more up-to-date and in-depth guide. Async with promises In the HTML5Rocks article on promises, the final example show how you'd load some JSON data fo...
[Weevely v1.1] Stealth tiny PHP web shell
Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation , and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...