Skip to main content

Posts

OWASP IoT (Internet of Things) Top 10 - A Walkthrough

OWASP IoT (Internet of Things) Top 10 - 2014 Introductions: In Todays world things of everyday are becoming smart, every hour hundreds and thousands of smart devices are being added to the Internet whether it is a Toaster, Camera, Refrigerator, T.Vs, Cars etc. So it can be a target of attackers easily, here comes OWASP IoT Top 10 to address this issue. OWASP IoT Top 10 is designed to make the everyday devices secure on same lines of guidelines by OWASP TOP 10 for applications. The OWASP Internet of Things Top 10 - 2014 is as follows: I1 – Insecure Web Interface I2 – Insufficient Authentication/Authorization I3 – Insecure Network Services I4 – Lack of Transport Encryption I5 – Privacy Concerns I6 – Insecure Cloud Interface I7 – Insecure Mobile Interface I8 – Insufficient Security Configurability I9 – Insecure Software/Firmware I10 – Poor Physical Security  How to test for OWASP IoT Top 10   I1 – Insecure Web Interface: Everyday devices have web ser
Recent posts

Damn Vulnerable Android Application by Security Compass - Lab 6 Advanced Encryption

Lab 6 Advanced Encryption  Today we are going to see the solution of basic encryption post in that no encryption was used for sensitive info. The solution is implementing the encryption and that we will try to bypass the encryption implementation as some times the developers store the hardcoded encryption key in the app itself. For this you need to install the BasicEncryptionSolution.apk. Now start this app and configure the credentials.   Now app is configured and credentials are also stored as per design in preferences.xml but I am expecting some sort of encryption now as we have installed solution for this flaw. Browse to the /data/data/com.securitycompass.androidlabs.basicencryptionsolution/shared_prefs as you can see that all the credentials are encrypted. So now we go and disassemble the app and try to figure out is there any key hardcoded key in the app. You can disassemble the app by using EasyApkDisassembler tool as i d

Damn Vulnerable Android Application by Security Compass - Lab 5 Basic Encryption

Lab 5 Basic Encryption   This post is about encryption flaw on android app for sensitive information. Here we will see the filesystem of device. Sometimes developer store the sensitive info on device that too without encryption. To check for some sensitive info on filesystem we will use our favorite tool 'adb', give below command adb shell after that browse to base app  and we gone  in shared_prefs directory, we explored the preferences.xml so we found this

Damn Vulnerable Android Application by Security Compass - Lab 4 Secure Logging

Lab 4 Secure Logging Welcome back friends, Today we're gonna have a look on lab 4 Secure Logging from Damn Vulnerable Android Application by Security Compass series. Some times developers log the info about application to the android log, this some times contains sensitive information of an application. So in this lab we are gonna test this flaw on the vulnerable app, for this we have use adb logcat. Now after starting the logcat we have to browse through the app or have to make some activity like fund transfer etc. and then we need to check the logs for some sensitive info. We juz tried to check the account balance. and we got this in logs After this we tried for fund transfer We got this in Logs Solution: Developer should be very carefull about what he is logging about the app. He should refrain from logging any sensitive information like session keys etc.

POODLE Attack - Time to die for SSL 3.0

Exploiting SSL 3.0 - The POODLE Attack On 14th Oct,2014 google has published a serious vulnerability in blueprint of SSL 3.0,naming POODLE – short for Padding Oracle On Downgraded Legacy Encryption. This flaw is not a software bug. This vulnerability allows attackers to decrypt the encrypted sessions between website server and client. As per Alexa 542,902 sites are SSL 3.0 supported which is 96.9% of HTTPS Alexa. Exploiting this vulnerability can result in compromise of cookies leading account hijacks. As informed the attack is easy to perform but attacker should be able to capture the traffic. It affects all browsers supporting SSL 3.0 Google Chrome, Mozila Firefox and IE etc.  The attacker can cause connection failure and forcing the browser to use SSL 3.0 or CBC-mode ciphers with SSL 3.0 and exploiting the vulnerability. So to mitigate this vulnerability is simply disable SSL 3.0 but you may face some compatibility issue. Google has recommended use of TLS_FALLBACK

Nmap Cheat Sheet / Nmap Commands with examples

Nmap Cheat Sheet NMAP Commands Goal Command Example Scan a Single Target nmap [target] nmap 192.168.0.1 Scan Multiple Targets nmap [target1, target2, etc] nmap 192.168.0.1 192.168.0.2 Scan a List of Targets nmap -iL [list.txt] nmap -iL targets.txt Scan a Range of Hosts nmap [range of ip addresses] nmap 192.168.0.1-10 Scan an Entire Subnet nmap [ip address/cdir] nmap 192.168.0.1/24 Scan Random Hosts nmap -iR [number] nmap -iR 0 Excluding Targets from a Scan nmap [targets] --exclude [targets] nmap 192.168.0.1/24 --exclude 192.168.0.100, 192.168.0.200 Excluding Targets Using a List nmap [targets] --excludefile [list.txt] nmap 192.168.0.1/24 --excludefile notargets.txt Perform an Aggressive Scan nmap -A [target] nmap -A 192.168.0.1 Scan an IPv6 Target nmap -6 [target] nmap -6 1