#/archive for the category ‘Other’

(Slovenščina) BSidesLjubljana 2018 round 4

Sorry, this entry is only available in Slovenian.

BSidesLjubljana 2017 round 3

We hardly wait for round 3 of Conference BSidesLjubljana. This year the conference will take place on March 10, 2017. CTF will be also available. More information at https://bsidesljubljana.si/

Security BSidesLjubljana 2016 is coming

We are only two days away from Conference BSidesLjubljana. Community of information security enthusiasts is organizing again the conference, which will take place on March 9, 2016. Schedule is up with promising talks. For those participants who find security a little more exciting CTF will be available. More information at https://bsidesljubljana.si/

#hekerji.si

We are proud to share our knowledge in first Slovenian documentary film about hackers. Do they really exist in Slovenia? Who they are? What is their motivation?

The TV premiere will be on December 17, 2015 on channel TV SLO 2 at 8 PM.

Untitled

Reference
[1] http://www.hekerji.si/

Using CloudFlare and still leaking real IP address?

Recently I ran across interesting challenge. Some friends had problems with their service. Providing brand new service and having someone on the other side executing DDoS this service is not very promising beginning for some startup. Therefore, I decided to tackle this challenge and at the end it was not very hard to find leakage.

(more…)

Someone else’s trash is another man’s treasure

Everyone in a company is responsible for company’s data security. A company can spend billions of dollars on all kinds of security equipment, but it only takes one person for company’s security to be compromised [1].

(more…)

Wi-Fi security in Ljubljana

Here is a short story about access points (AP). We were wardriving through Ljubljana with a mission to analyze the security of Ljubljana’s Wi-Fi network. Our focus was collecting information about different authentication types in use. The goal was to capture a representative set of information about AP’s so that some assumption about security of Wi-Fi could be given. The only hardware we used was our Android mobile phone with the great Wigle Wifi Wardriving Android application. We already had a large database and we combined it with a smaller one that was obtained fresh from wardriving. The next step was to narrow down the area. Wigle Wifi app stores information about AP’s in a local SQL-lite database, so limiting the area was a piece of cake. (more…)

Security BSides Ljubljana Real-CTF

In the spirit of Security BSides Ljubljana 2015 there was CTF contest titled Real-CTF. Why choose such a title? Because it was designed like a virtual company with lots of vulnerabilities. Of course, the number and impact of vulnerabilities were enhanced so that the playground area was spread in X in Y axis of fun. Here is a short write up.

(more…)

Analysing Android Applications or just cheating in Games

The growing number of Android based devices, the simplified development process of Android applications and their wide spread usage is attracting potential attackers that are after financial gain. By analyzing the area of security issues addressing Android applications (APK’s ), we found out that there is no such thing as good tool to help with runtime analysis and we are too lazy to debug all the time. Therefore we developed a tool called Vaccine. Vaccine is used for dynamically analyzing APK’s. For detailed explanation continue reading. If you just want to use Vaccine visit link https://github.com/viris/android/tree/master/vaccine. Readme contains some additional information about how to use Vaccine.

(more…)

Using Fiddler

Fiddler is a proxy that can intercept all the HTTP(S) traffic that’s flowing between your client and the server you’re connected to. (more…)