TMB

WARNING: May void warranty

Published 03/09/2013 | By TMB

Having just arrived back from a client engagement, I was in the pub with some colleagues earlier this evening, and one amongst them, a junior asked a really interesting question “How does one assess an embedded device?”. Continue reading →

Posted in Blog | Tagged hardhack

We’re all going on our summer holidays…

Published 26/07/2013 | By TMB

We’re not really, but some of the Portcullis Labs Team are off to OHM 2013 in Holland. For those of you who don’t know, OHM is the latest in a long line of four yearly “hacker” conferences that take place in a field, with the participants camping out. Unlike more conventional conferences such as DEF CON in Vegas, OHM and its previous incarnations focus on more than simply traditional information security, by also appealing to those who appreciate the DIY spirit of the maker community. Unlike the aforementioned DEF CON, you will see talks on topics such as how to make cheese and 3D printing at OHM. With this in mind, and with the promise of post-con articles on things we enjoyed, I asked the Team what talks they’re particularly keen to see: Continue reading →

Posted in Blog | Tagged conference, OHM2013

In the lab, popping CVE-2013-4011 for AIX 7.1…

Published 20/07/2013 | By TMB

Early this morning, whilst checking my mail, I saw an interesting advisory come out on one of the lists. The fact that it affects AIX 7.1 was particularly interesting because this is the most recent release. Unlike some of the other commercial UNIX vendors, IBM make their security patches nice and accessible, so I decided to take it for a spin. Continue reading →

Posted in Blog | Tagged AIX, analysis, CVE-2013-4011, exploit, imisslsd, root

UNIXSocketScanner

Published 31/01/2013 | By TMB

UNIXSocketScanner is a UNIX domain socket scanner. Continue reading →

Posted in Tools | Tagged 44CON, conference, imisslsd, UNIX

VulnApp

Published 15/09/2012 | By TMB

VulnApp is a vulnerable web application written in ASP.net. Continue reading →

Posted in Tools | Tagged ASP.net, SDL, training

Big Game Hunting: Simple techniques for bug hunting on big iron UNIX

Published 10/09/2012 | By TMB

Presentation on auditing and bug hunting on AIX (as given at 44CON 2012). Continue reading →

Posted in Presentations | Tagged 44CON, conference, exploit, root, UNIX

Breaking the Links: Exploiting the Linker

Published 27/03/2012 | By TMB

Presentation on exploiting linkers based on my paper (as given at Uncon 0×12 and CRESTCon 2010). Continue reading →

Posted in Presentations | Tagged analysis, conference, CRESTCon, exploit, UNIX

HTML 5 Good Practice Guide

Published 27/03/2012 | By TMB

This document is not intended to be a definitive guide, but more of a review of the specific security issues resulting from the use of HTML 5. Continue reading →

Posted in Whitepapers | Tagged GPG, HTML5, SDL, training

SSHatter

Published 16/02/2011 | By TMB

SSHatter is a perl script to perform brute force attacks on SSH. Continue reading →

Posted in Tools | Tagged root, SSH, UNIX

Next Generation Malware: Windows Vista’s Gadget API

Published 31/03/2008 | By TMB

Windows has had the ability to embed HTML into it’s user interface for many years. Right back to and including Windows NT 4.0, it has been possible to embed HTML into the task bar, but the OS has always maintained a sandbox, from which the HTML has been unable to escape. All this changes with Windows Vista. Continue reading →

Posted in Whitepapers | Tagged analysis, exploit, Windows