How to exploit a website


A website is only as secure as those who support the infrastructure. You must also realize that nothing can ever be 100% secure; all you can really do is look at the risks and implement measures to reduce them. Take the time to review the OWASP 2013 Top Ten risks and you will quickly begin to visualize the security landscape, attack vectors, and involvement of personnel. If you are interested in top-notch education, jump over to PluralSight’s security course titled OWASP Top 10 Web Application Security Risks for ASP.NET. Please stay with me for a moment: recently I purchased a t-shirt that said “Long story short: SYN, ACK, FIN” and I was asked by a network administrator what the intent of the message was. Do you see the irony in this question? I never pretend to know everything, and take it from someone who started as a network administrator in the early 1990s, then moved into software development primarily on the Microsoft platform for shy of two decades, and then focused on cybersecurity: there is so much to learn and I continue to learn each and every day. In fact, I would argue that should you …


Email encryption using OpenPGP and Mailvelope


If you are looking for an encryption option for your web-based email, you should consider these products. OpenPGP.JS is a JavaScript library, so the idea is that it can be used across devices. This differs from GNU Privacy Guard (GnuPG) and Gpg4win, which are programs that you must install on your endpoint device. This is not to say you should not investigate what works best for you, but it does provide options. Things could not be any simpler than a quick install of Mailvelope, which is an extension within the web browser. At the time of this writing the extension is available for Google Chrome and planned for Firefox. Currently there is support for four major mail providers: Gmail, Yahoo, Outlook.com, and GMX. Once you install the extension in Chrome you can access the menu by clicking on the padlock and key icon to the right of the address bar. The first step you need to take is to generate your key. Go ahead and click generate key. At this stage you will enter your information, including a password. Note: please use a strong password! There …


WiFi WPA2 Hacking 101


I want to introduce the idea of breaking WPA2 security by obtaining the password defined by a given network. The reason I am writing about this is both for educational reasons and from the perspective of strengthening security. In many ways I wish I could say that I am surprised about just how easy it is to crack a WiFi password, but many people I talk with seem to think that Wi-Fi Protected Access II (WPA2) itself is the gatekeeper. Of course this is not true, and just like anything else where a password is involved, the password itself is the gatekeeper. Stepping back for a moment, a look at WPA2 is needed to understand what this is and what it provides. As of 2006 all WiFi devices must support this security protocol. After seven years this in itself likely means that the security of this protocol is far outdated. The fact, at least from my point of view, is that nothing is truly secure, and the moment the public is involved it is simply a matter of time before an exploit occurs. In the case of WPA2 I use the term password, but the technical term is pre-shared key. This …


How to defend against Cross Site Scripting with Microsoft .NET 4.5 AntiXss


One of the most common threats to websites is cross site scripting (XSS), which is the idea that a malicious user is attempting to load content into your website. Examples include JavaScript and HTML. This attack is typically carried out via a form input or query string. XSS can have very nasty results, which include content modification or, worse, hijacking user account information. If you’re asking yourself how you can possibly reduce the likelihood of this threat, the answer is simple. Encode and never trust user input under any circumstance. It is not that all users are attackers, but mistakes do happen, and for this reason if you never trust the input you will find that you are ahead of the game. There are three basic types of XSS vectors. Reflected: This type of attack is the act of injecting code either through input or output as part of the request. Stored: This type of attack stores the injection in a persistent state on the target server. Typically this is a database. DOM: The document object model attack is delivered via the HTTP response which typically resulted from the stored attack vulnerability. A1-Injection description A1-Injection Injection flaws, such …


Spoof your MAC address


First I want to talk about what the media access control (MAC) address is before moving into the idea of spoofing a MAC address and the reasons you want to do so. I hope you are familiar with the OSI Model; if not, take the time to study the following diagram. Understanding where a MAC address resides in the context of the OSI Model is critical both for real world application as well as industry certifications. I suppose you could always bypass the knowledge and simply spoof your MAC address, but what is the fun in that? Layer two is responsible for the physical addressing of the network and this is done via MAC addresses. A MAC address is a unique identifier that is assigned to a network interface, and these addresses are assigned by the manufacturer of a given network interface controller (NIC). Often these addresses are stored in memory or even the firmware. If you pick up your router or cable modem you will find a label similar to the following that lists the MAC address. A MAC address is a twelve-digit hexadecimal number typically in the format of MM:MM:MM:SS:SS:SS or 00:90:54:12:34:56. The first six digits …
