These slides explain "Unquoted Service Path Exploitation" and how we can protect our operating system against this kind of attack.
2. Introduction
• This exploitation technique is used to perform privilege escalation from a non-admin / non-root user to a System / Admin user. We will exploit the unquoted service path of a service.
• Used with Windows Operating System.
• Services running on the server can be:
• Unquoted
• Quoted
3. Introduction
Are all unquoted service paths vulnerable?
• A: No. A path is not vulnerable if there are no spaces in the names of its directories, i.e.
ProgramFiles [non vulnerable] || Program Files [vulnerable]
Service Path: C:\Program Files\A Subfolder\B Subfolder\C Subfolder\SomeExecutable.exe
In order to run SomeExecutable.exe, the system will interpret this path in the following order from 1 to 5.
Step 1: C:\Program.exe
Step 2: C:\Program Files\A.exe
Step 3: C:\Program Files\A Subfolder\B.exe
Step 4: C:\Program Files\A Subfolder\B Subfolder\C.exe
Step 5: C:\Program Files\A Subfolder\B Subfolder\C Subfolder\SomeExecutable.exe
If C:\Program.exe is not found, then C:\Program Files\A.exe would be executed. If C:\Program Files\A.exe is not found, then C:\Program Files\A Subfolder\B.exe would be executed and so on.
4. Tips
• Use the command below to search for vulnerable services:
wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
• Service name = Some Vulnerable Service
• Path name = C:\Program Files\A Subfolder\B Subfolder\C Subfolder\SomeExecutable.exe
• Display name = Some Vulnerable Service
• Start mode = Auto
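As an added example (not from the slides), the search in slide 4 and the resolution order in slide 3 can be combined into one audit that reports, for each unquoted path containing a space, the intermediate locations to inspect and the quoted path that removes the ambiguity. The function names and the sample service rows are constructed for illustration.

```python
import re

# Constructed sample rows (name, pathname, startmode); not taken from a real host.
SAMPLE_SERVICES = [
    ("Some Vulnerable Service",
     r"C:\Program Files\A Subfolder\B Subfolder\C Subfolder\SomeExecutable.exe", "Auto"),
    ("ArgSvc", r"C:\Program Files\Vendor App\agent.exe --service", "Manual"),
    ("QuotedSvc", r'"C:\Program Files\Vendor App\svc.exe" -k run', "Auto"),
    ("NoSpaceSvc", r"C:\ProgramFiles\Vendor\svc.exe", "Auto"),
    ("WinSvc", r"C:\Windows\system32\svchost.exe -k netsvcs", "Auto"),
]

def exe_part(pathname):
    """Executable portion of an unquoted command line (through the first .exe)."""
    m = re.match(r"(.+?\.exe)(\s|$)", pathname, re.IGNORECASE)
    return m.group(1) if m else pathname

def candidates(pathname):
    """Paths tried in order for an unquoted path: one per space, then the full path."""
    exe = exe_part(pathname)
    tried = [exe[:i] + ".exe" for i, ch in enumerate(exe) if ch == " "]
    return tried + [exe]

def audit(services):
    """Flag unquoted paths containing a space; list what to inspect and the fix."""
    findings = []
    for name, pathname, startmode in services:
        path = pathname.strip()
        exe = exe_part(path)
        if path.startswith('"') or " " not in exe:
            continue  # quoted, or no space before the executable name: not affected
        findings.append({
            "service": name,
            "startmode": startmode,
            # Intermediate locations where no .exe should exist or be creatable
            "inspect": candidates(path)[:-1],
            # Same command line with the executable path quoted
            "fixed_pathname": '"' + exe + '"' + path[len(exe):],
        })
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_SERVICES):
        print(f["service"], f["startmode"])
        for p in f["inspect"]:
            print("  inspect:", p)
        print("  fix:", f["fixed_pathname"])
```

Unlike the findstr filter, this check looks only at the executable portion of the path, so a service under C:\Windows with arguments is not reported and a manual-start service with an unquoted path is.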
5. Lab Demo
• Step 1: We ran our command to find any possibly vulnerable services. Only the last 3 services are not quoted: Some Vulnerable Service, Babi Service & myBabi Service.
6. Lab Demo
• Check the services. This service is configured for Auto Start, which means it will start automatically after a reboot.
8. Lab Demo
• Step 2: In this case we will try to exploit it. Let’s check if our user has privileges. The folder has Write privileges, which are inherited from the parent folder.
9. Lab Demo
• Step 3: We analyzed the directory and placed babi.exe (reverse shell
payload) as shown below.
10. Lab Demo
• Finally we start the application. It is not important for us that the service itself runs; what is important is that the system goes through the path.
11. Create your own vulnerable Service
• Create your own service for dhruv.exe
• Provide write access to Dhruv Sharma directory
icacls "C:\Program Files\A Subfolder" /grant "BUILTIN\Users":(F) /t [full access]
icacls "C:\Program Files\A Subfolder" /grant "BUILTIN\Users":W [write access]