Open Challenge: Ruby YAML.load(YOUR_STRING_HERE) == RCE?
For some, the challenge may already be quite clear by the title of this post, but I'm going to add ...
Read MoreStay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
TrustKeeper Scan Engine Update – March 18, 2015
The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management ...
Read MoreStealing RubyGems API Keys during Post Exploitation
Between April and May of 2013, I presented at SOURCE Boston and THOTCON and blogged about some of ...
Read MoreSigned Ruby Gems: A c7decrypt walk-through
As someone who's responsible for a number of Ruby projects, both open-source and commercially ...
Read MoreIdentify Crimeware Strains with Edit Distance
When trying to identify crimeware/malware, it's a good idea to design a multi-part system that ...
Read MoreMonkey Patching the Matrix
For those of you not familiar with monkey patching, it's a mechanism to "extend or modify the ...
Read MoreCVE-2014-2120 – A Tale of Cisco ASA “Zero-Day”
A few months ago I was trying to PoC a known cross-site scripting vulnerability in the Cisco ASA ...
Read More“Reversing” Non-Proxy Aware HTTPS Thick Clients w/ Burp
A little over a month ago, I published a Metasploit auxiliary module for brute-forcing Cisco ASDM ...
Read MoreFingerprinting Ubuntu OS Versions using OpenSSH
Over the past couples weeks, I've been working on enhancingthe operating system detection logic in ...
Read MoreVino VNC Server Remote Persistent DoS Vulnerability
Last week, I was making some performance enhancements to theVNC protocol implementations in the ...
Read MoreA Friday Afternoon Troubleshooting Ruby OpenSSL... it's a trap!
Last Friday I was trying out some new code that one of my colleagues wrote to help automate some of ...
Read MoreGetting Terminal Access to a Cisco Linksys E-1000
Over the past couple weeks, I've been spending a lot of time hacking on various embedded devices to ...
Read MoreAll Your Password Hints Are Belong to Us
This past weekend I ended up coming into the SpiderLabs office and "nerded out" with my good friend ...
Read MoreStamping Out Hash Corruption, Like a Boss
Have you ever dumped LM and NTLM password hashes from a Windows system using the registry and never ...
Read MoreBypass Vulnerabilities in Squid and McAfee Web Access Gateway
About two weeks ago, a Brazilian security researcher by the name of Gabriel Menezes Nunes released ...
Read MorePHP-CGI Exploitation by Example
Late last week, a vulnerability in PHP-CGI was disclosed, which allows all sorts of bad for folks ...
Read MoreWordPress 3.3.2 Addresses Setup XSS Vulnerabilities
Back in January we released a security advisory for WordPress, which included four vulnerabilities ...
Read MoreAdvanced BNAT in the Wild
Just this week, we were asked to help out with some "TCP weirdness" that was identified out on a ...
Read More