2013
Rogue Access Points, a how-to
In preparation for our wireless training course at BlackHat Vegas in a few weeks, I spent some time updating the content on rogue/spoofed access points. What we mean by this are access points under your control, that you attempt to trick a user into connecting to, rather than the “unauthorised access points” Bob in Marketing bought and plugged into your internal network for his team to use. I’ll discuss how…
Technical Project Manager Role
As SensePost grows, so does our desire to ensure a healthy balance between technical savvy and organisational skills. As a result, we are on the lookout for a Technical Project Manager based in our Pretoria office in South Africa. Job Title: Technical Project Manager Salary Range: Industry standard, commensurate with experience Location: Pretoria, South Africa About the role Define and implement Project workflows for various service lines. Architect , source…
A software level analysis of TrustZone OS and Trustlets in Samsung Galaxy Phone
Introduction: New types of mobile applications based on Trusted Execution Environments (TEE) and most notably ARM TrustZone micro-kernels are emerging which require new types of security assessment tools and techniques. In this blog post we review an example TrustZone application on a Galaxy S3 phone and demonstrate how to capture communication between the Android application and TrustZone OS using an instrumented version of the Mobicore Android library. We also present a…
BlackHat Challenge – 2013
One of the things we try and get across in our training – is that pen-testing requires out of the box thinking. It’s also about solving puzzles and making things work the way you want them to. It’s about identifying the small vulnerabilities (which are often easy to spot), and trying to leverage them into something useful. A key process we strive to do at SensePost, when performing these penetration…
Honey, I’m home!! – Hacking Z-Wave & other Black Hat news
You’ve probably never thought of this, but the home automation market in the US was worth approximately $3.2 billion in 2010 and is expected to exceed $5.5 billion in 2016. Under the hood, the Zigbee and Z-wave wireless communication protocols are the most common used RF technology in home automation systems. Zigbee is based on an open specification (IEEE 802.15.4) and has been the subject of several academic and practical…
Something about sudo, Kingcope and re-inventing the wheel
Willems and I are currently on an internal assessment and have popped a couple hundred (thousand?) RHEL machines, which was trivial since they are all imaged. Anyhoo – long story short, we have a user which is allowed to make use of sudo for a few commands, such as reboot and service. I immediately thought it would be nice to turn this into a local root somehow. Service seemed promising…
Black Hat Vegas 2013 – Course Summaries
We have an updated breakdown of our BlackHat courses here With the ‘early registration’ discount period coming to an end on May 31, I wanted to provide an overview of what courses we’re offering and how those courses fit together. Please be sure to take advantage of these discounted prices whilst they’re still available. This summary will help you decide which course is best for you… 1. “Cadet” is our…
BlackOps Hacking Training – Las Vegas
BlackOps you say? At SensePost we have quite a range of courses in our Hacking by Numbers series. We feel each one has its own special place. I’ve delivered almost all the courses over the years, but my somewhat biased favourite is our relatively new BlackOps Edition. Myself (Glenn) and Vlad will be presenting this course at BlackHat Vegas in July. Where Does BlackOps fit in? Our introductory courses (Cadet…
Stay low, move fast, shoot first, die last, one shot, one kill, no luck, pure skill …
We’re excited to be presenting our Hacking By Numbers Combat course again at Black Hat USA this year. SensePost’s resident German haxor dude Georg-Christian Pranschke will be presenting this year’s course. Combat fits in right at the top of our course offerings. No messing about, this really is the course where your sole aim is to pwn as much of the infrastructure and applications as possible. It is for the…
Your first mobile assessment
Monday morning, raring for a week of pwnage and you see you’ve just been handed a new assessment, awesome. The problem? It’s a mobile assessment and you’ve never done one before. What do you do, approach your team leader and ask for another assessment? He’s going to tell you to learn how to do a mobile assessment and do it quickly, there are plenty more to come. Now you set…