Getting started with the Mark IV WiFi Pineapple

| 0 comments

The WiFi Pineapple is an amazing and fun piece of technology. To be honest, I purchased this technology late in 2013 and I never really sat down and played with it until recently. I sat down with my MacBook Pro and in no time at all I was frustrated that I was not able to get the Pineapple working properly. My issue was either I was successful at obtaining an external IP address, but I was not successful at accessing the Pineapple’s web interface of 172.16.42.1:1471 and it took a bit of research to find out the root cause. In …

Continue reading

Metagoofil makes metadata extraction easy

| 0 comments

Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf, doc, xls, ppt, docx, pptx, xlsx) belonging to a given target or victim website. The tool will perform a search in Google to identify and download the documents to local disk and then will extract the metadata with different libraries like Hachoir, PdfMiner and others. With the results it will generate a report with usernames, software versions and servers or machine names that will help Penetration testers in the information-gathering phase. Metadata serves five purposes: resource description; information retrieval; management of information; rights management, ownership and …

Continue reading

Email and file security using GPGTools

| 0 comments

Here we are talking about encryption again. Those men in black seem to be everywhere these days and I am not sure about you, but trust seems to be more and more difficult to come by these days. Before I get started about the use of GPGTools, I want to step up to the soapbox and talk a little bit about email phishing since this post is addressing email security. Phishing is a type of fraud that seeks to acquire a user’s credentials by deception. It includes theft of passwords, credit card numbers, bank account details or any other types …

Continue reading

TrueCrypt goes dark

| 0 comments

Today was an interesting day in term of security within the encryption community. The developers of TrueCrypt have made the following statement: “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues.” It is not clear exactly what is driving this decision and one can only guess at this point unless the development team comes out an conclusively comments on what the driving factor was. What makes this even more interesting, at least from my perspective, is the fact a security audit was just completed in April 2014. At that time, the phase 1 audit did not …

Continue reading

Doomed software developers that do not understand security

| 0 comments

Say for a moment you have a software development task to notify end users of a specific event and this notification is critical for a number of reasons. Would the average development team understand the best architectural design? What if I told you that you development team goes off and creates the software and it is a success, but in no time the network becomes unstable and eventually crashes. Sound impossible? Not if the software essentially performed a denial-of-service (DoS) attack. In a DoS attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your …

Continue reading

DNS rebinding and IDS signatures

| 0 comments

DNS rebinding attacks have been around for a number of years and still present challenges today. This type of attack can propagate via malware and individuals who do not act appropriately to protect themselves often will become unknowing and unwilling victims. Often this risk is in play because of popular technologies such as Flash and the lack of common standards across vendors. DNS Rebinding Analysis I found the concept of DNS rebinding to extremely complicated. Upon investigation, I found that web browsers handle DNS queries differently during the Time to Life (TTL), for example, Internet Explorer uses what is called …

Continue reading