24 Nov 2016, 18:45

Vulnhub - HackDay: Albania Walkthrough

I was bored today so I thought it would be a good chance to try any of the current VulnHub VMs. I decided to try the latest HackDay: Albania from @R-73eN.

Read more

17 Jan 2016, 12:45

UPC Ubee EVW3226 Fail

Inspired by Blasty and his UPC Wifi key generator I decided to take a look at my UPC router too. It’s a Ubee EVW3226 with a custom firmware built by UPC providing a modified web interface and a lot of other stuff.

Read more

21 Apr 2015, 19:20

How to Crack Mifare Classic Cards

In this blog post I will cover some quick basics about NFC, Mifare Classic and how to set up everything for reading and writing a NFC tag. At the end I show you how to reprogram a vending machine’s NFC tag to contain more credits.

NFC stands for Near Field Communication and is used to communicate over short distances. For more Infos on NFC you can read the Wikipedia article. NFC nowadays is used for access cards, public transport, some more and in this case: Vending Machines. Basically there is an active NFC enabled device (the reader) and a passive device (the tag). The active device scans for the passive one and establishes a connection on contact. It also powers the passive device via an electromagnetic field. There is also an active - active mode where both endpoints can send data and need to be powered seperately. This is usually used when sending data for example in “Android Beam”.

In this example the vending machine has an active NFC reader built in. You can touch it with your tag to buy some drinks and the corresponding price is subtracted from the ammount stored on the tag. You can also recharge your tag via the machine if you run out of credits.

Read more

03 Jul 2014, 17:48

How to Install Wordpress

Because I have installed Wordpress for testing purposes way too often, i decided to write my setup down so I can reference it and others can benefit from the install. The installation was tested with Ubuntu 14.04 LTS 64bit.

Read more

30 Mar 2014, 12:00

Multiple Vulnerabilities in ionCube Loader-wizard

In a recent security audit I spotted a file on the server which caught my attention: loader-wizard.php.

After calling the file via a Browser I noticed it’s part of ionCubes encoding and obfuscation software. The software can be found on ionCubes Homepage.

Read more

14 Nov 2013, 22:05

SQL-Injection and XSS in All-in-one-event-calendar Wordpress Plugin

During a recent security audit I found multiple vulnerabilities in the Wordpress plugin “all-in-one-event-calendar”. There is a lite version provided through the Wordpress site (http://wordpress.org/plugins/all-in-one-event-calendar/), and a standard version provided through a third party site (http://time.ly/). Both versions were tested and are vulnerable to the reported issues.

PS: There is also a paid pro version. This was not tested but it’s likely also vulnerable to the mentioned issues.

Read more

13 Nov 2013, 17:44

Analyzing HP Thinpro Firmware

Today I got my hands on a HP t510 Thinclient and wanted to analyze the OS and running services (apparently it’s running Ubuntu 10.04.4 LTS). Here is my solution to run the Firmware in a VMware Infrastructure, or simply mount the image for browsing.

Read more