Primary Content: Home

BMC/Numara Track-It! Decrypt Pass Tool

Today during a Penetration Test of a client I came across a piece of software called “Track-It!” by Numara, who was since acquired by BMC. Now this application is used by IT Helpdesks to offer centralised control of assets, so it was definitely worth a look at from a testing point of view. I found an open (Readable by Domain Users) network share on the installation server named “TrackIt” which internally exposed configuration files such as trackit.cfg which contained intersting lines such as:

RemoteInstallPass=AAABASE64HEREAAA==
DomainAdminPass=BBBBASE64HEREBBB==

Continue reading: BMC/Numara Track-It! Decrypt Pass Tool

Becoming a Penetration Tester

The aim of this post is not to talk about how to perform effective penetration tests, but it’s more around taking the first steps towards a career as a Penetration Tester. I want to talk about the kind of things that I look for in candidates, the kind of skills that I found useful when starting out, and as a candidate what to look at first. Information Security is a huge field and you’ve got a whole career to learn all of the details, but where should you start?

Continue reading: Becoming a Penetration Tester

Cross-domain Flash and Silverlight (crossdomain.xml)

Now I’ve posted previously about cross-domain communication with things like HTML5 CORS and HTML5 postMessages, I’ve also written about the browsers built in protections through Same-Origin Policy. However, recently I saw a discussion about Cross-domain Flash and Silverlight and how those are different, how specifically the exploitation works and what it offers an attacker.

Continue reading: Cross-domain Flash and Silverlight (crossdomain.xml)

Book Review: The Hacker Playbook 2

The cover image of The Hacker Playbook 2
Title: The Hacker Playbook 2
Author: Peter Kim
TL;DR:
In short, a book I recommend for the developing intermediate hacker. A no-nonsense guide to using Penetration Testing tools but with frustratingly little in the way of explanation of the technical details behind a vulnerability. Often appears as simply a catalogue of tools to investigate as opposed to an explanation of a problem or vulnerability the tool is intended to solve, followed by an example of a suitable tool to solve the problem. A definite “playbook” and not a complete guide, but worth a read if you already know the technical details and simply want to expand your knowledge of available tools.

Continue reading: Book Review: The Hacker Playbook 2