#/blog

Security BSides Ljubljana Real-CTF

In the spirit of Security BSides Ljubljana 2015 there was CTF contest titled Real-CTF. Why choose such a title? Because it was designed like a virtual company with lots of vulnerabilities. Of course, the number and impact of vulnerabilities were enhanced so that the playground area was spread in X in Y axis of fun. Here is a short write up.

(more…)

Challenges for youngsters

Viris participated on event Challenges for youngsters, organized by SPIRIT Slovenija. There are series of workshops through whole year where youngsters are invited to solve business challenges for different types of companies. Youngsters have one week to solve concrete challenge and to present results. This workshops should also help prospective youngsters get jobs. More information at http://www.podjetniski-portal.si/o-podjetnistvu/izzivi-mladim or at https://www.facebook.com/
pages/Izzivi-mladim/752286194841442
.

Security BSides is Coming to Slovenia

Community of information security enthusiasts is organizing Security BSidesLjubljana conference, which will take place on 12 March 2015. The conference is organized in the spirit of other BSides and will include topics like hacking and cracking, protection, security and new technologies. BSidesLjubljana invites all authors that are willing to reveal old, new and still accurate topics, to submit their papers. Call for papers is open till 15 February 2015. More information at http://bsidesljubljana.si/cfp/.

Analysing Android Applications or just cheating in Games

The growing number of Android based devices, the simplified development process of Android applications and their wide spread usage is attracting potential attackers that are after financial gain. By analyzing the area of security issues addressing Android applications (APK’s ), we found out that there is no such thing as good tool to help with runtime analysis and we are too lazy to debug all the time. Therefore we developed a tool called Vaccine. Vaccine is used for dynamically analyzing APK’s. For detailed explanation continue reading. If you just want to use Vaccine visit link https://github.com/viris/android/tree/master/vaccine. Readme contains some additional information about how to use Vaccine.

(more…)

Using Fiddler

Fiddler is a proxy that can intercept all the HTTP(S) traffic that’s flowing between your client and the server you’re connected to. (more…)

MiniUPnPd Analysis and Exploitation

UPnP Summary

Universal Plug and Play (UPnP) is a network protocol that allows seamless discovery of network devices in order to communicate with each other. The UPnP daemons are enabled by default on various devices like routers, printers, smart TVs etc. UPnP daemon is listening on UDP port 1900 and can expose the SOAP interface to the client. The problem is that there are various vulnerabilities present in UPnP daemon executables as well as the libraries they use which the attacker can use to exploit the target.

(more…)

Teensy and Slovenian Keyboard Layout

Recently we have had a project and we had to simulate attacks with social engineering. One of the attacks was also visiting a company as an IT administrator, gaining access to the premises and inserting a Teensy USB HID into desktop computer running Windows 7 or Windows 8.

(more…)

Malware Surveillance in Slovenia: Science-Fiction or Reality

In the last couple of years malware has reached a widespread use not only in a widespread world, but also in Slovenia. This is not something that isn’t happening in our country, but is a reality. Let’s take a look at the first picture [1], which presents the countries targeted by the NetTraveler malware. We can see that most of the world is affected and Slovenia is also present on the map.

(more…)

Results of Digital Challenge HEK 2013

This year we participated at the conference HEK 2013. We prepared interesting tasks from the field of computer science, information science, cryptography and stenography, programming, and also mathematics. This time there was 39 competitors, so it was difficult to win the competition, because of the fierce opponents. There were total of 29 tasks with total sum points of 6150. The best among the competitors reached 4450 points, and solved 24 tasks. There were also social engineering task, where the competitors had to obtain certain information from beautiful Doroteja, which was required in order to obtain the password for one of the tasks. The competition was open one day before the conference, but was generally held during the conference, the 11th and 12 April. The top three also received practical reward.

I would like to congratulate all of the competitors for solving any digital challenge.

The scores of the top ten users are presented in the table below:

Place Player Solved tasks Points
1 snake 24 4450
2 kernc 20 3900
3 grego87 20 3700
4 deny5 19 3150
5 administrator 18 2850
6 plesauc 16 2650
7 mojca 16 2650
8 marjetica 14 2200
9 tomaz 14 2200
10 matox 15 2200

Wi-Fi Protected Setup (WPS)

The WPS standard was developed in 2007 by the Wi-Fi Alliance (a trade association that promotes wireless LAN technology and certifies products if they conform to certain standards of interoperability) to allow home users who know little of wireless security to set up WPA2 as well as making it easy to add new devices to an existing network. In December 2011 researcher Stefan Viehböck reported a design and implementation flaw to the US-CERT. The flaw makes brute-force attacks against PIN-based WPS feasible to perform on WPS-enabled Wi-Fi networks. The vulnerability note is available on the US-CERT’s web site.

(more…)