In my first test, I worked with my manager. It was a web test and one that was pretty solid. However one fun thing was something I saw in a presentation at BSides Baltimore last week. A bad password policy may be a low finding. A lack of bad auth attempt lockout feature may be a low finding. A username enumeration may be a low finding. However, if a site has all three? That is a critical finding. If you can enumerate a list of valid usernames (just check LinkedIn for names and figure out the username format) and then throw the top 1000 passwords against a list of usernames, you’ll get in.
Some other stuff too, but also wrote the report and sent it in. Looking forward to the next one!
101 total views, no views today
I got a job as a penetration tester, which I think is really exciting. It is a job that I get excited about. One that causes frustration and a feeling of accomplishment. I’ll officially start on April 11th. My plan is to track my progress here, and document things that I learn, in general.
I contacted some other friends who are pentesters and asked for their advice, ideas on things they wish they knew when they got started. I was given two great pieces of advice on things to read or study up on. One was to read the publications on GitHub from Cure53. Today I read their whitepaper on X-Frame-Options and various ways to still bypass the clickjacking protection it provides. I’m looking forward to reading the others, once I finish the other recommendation…The Tangled Web! Continue reading
132 total views, no views today
Sometimes you hear of third party content providers getting compromised. Those are the widgets that sites use for content links. Those may be in the form of little ads or may be a “You’ll never believe what this Hollywood star did!” Sites trust those providers to load content into their site. But what happens when one of those get compromised by hackers? The hackers can then push their message or their malware onto dozens or possibly hundreds of sites all at once. Want to know more about it? I wrote a section on “Emerging Threats” for the Akamai State of the Internet Report. I’d suggest the reading the whole thing but my part starts on page 29.
56 total views, no views today