OWASP FSTM step 6: firmware emulation
Step 6 of the OWASP FSTM methodology shows how to perform firmware emulation of a device and builds on the previous steps
Social networks are fully incorporated into our lives. Currently, 85% of the Spanish population uses a social network, both on a purely personal and on a professional level. Likewise, 67% of Spanish companies used social networks as communication and business tools in 2021. Given their level of penetration in society and their economic impact, numerous malicious actors are increasing the frequency and variety of attacks on social network accounts for spurious purposes, from impersonation to account hijacking and repurposing. Just as technology has evolved rapidly in recent years, criminals have also innovated when it comes to designing tactics and implementing techniques to make their attacks succeed. Professionals who provide cyber intelligence services have found that social networks have become an attack vector for ...
You get home after a long day at work. You open a bottle of wine and sit down in front of the TV to watch an episode of a series that helps you relax and disconnect. But when you try to log in to your account on a well-known streaming platform, the system tells you that the user limit has been exceeded. How is this possible if the plan allows four connected devices and you only have one? You have probably been the victim of one of the most popular audiovisual frauds: the theft of streaming portal accounts. This hypothetical situation allows us to shed light on one of the biggest challenges faced by companies dedicated to the production, distribution, ...
Acrylic Suite is software developed by the Tarlogic team that provides a powerful WiFi sniffer to analyse communications and WiFi security on Windows 11 and Windows 10 computers. To quickly turn any Windows computer into a powerful WiFi network sniffer, we only need two things: a WiFi card that supports monitor mode, and the Acrylic Wi-Fi Sniffer software installed. WiFi network signal sniffer In this article we will explain how to carry out this task on Windows and access all the WiFi information and the 802.11 communication frames in the 2.4 GHz, 5 GHz and 6 GHz frequency bands. WiFi card with monitor mode support The first step to detect WiFi signals with our sniffer is to have a USB card or an integrated ...
Introduction During a Red Teaming engagement, the exploitation of vulnerabilities in web apps usually offers a good chance of establishing a foothold in the target's infrastructure or compromising an internal asset for lateral movement. From there on, a common approach is to upload a web shell and start looking for privilege escalation opportunities. In Windows environments, this privilege escalation from a web shell often relies on the abuse of the SeImpersonatePrivilege and/or SeAssignPrimaryTokenPrivilege privileges using any of the various "Potato" exploits available in public repositories. However, since these are very well-known techniques, they may not be the best approach, especially when dealing with highly monitored environments. In these scenarios, as well as in general, it is important ...
Generally speaking, we estimate risks based on our ability to protect ourselves against the actions that trigger them. This capacity grows with the knowledge we have of the event itself. In the field of cybersecurity, cyber-intelligence services such as Counter-Phishing start from this premise and have become indispensable allies for understanding in detail the techniques, procedures, actors and technology behind phishing, a constantly growing threat. Phishing campaigns and their variants such as vishing or smishing have become a headache for companies and institutions around the world, especially for entities in the financial sector. Through fraudulent e-mails, phone calls and SMS, criminals seek mainly to deceive end users by impersonating organizations or third parties. As a cross-cutting variable ...
As happened in December last year with Log4Shell, the vulnerability that affected a multitude of Java products using the Log4j library, a new alert has been raised for the vulnerability now known as Text4Shell. This vulnerability (CVE-2022-42889) also affects Java products that use a specific feature of the Apache Commons Text library, and could allow a remote attacker to execute arbitrary code on a server. The Apache Commons Text library is an alternative to the native Java JDK functionality for processing text strings, focused on specific algorithms for handling this type of data. Its methods allow string interpolation through prefixes, variables and template markers. Despite the high CVSS score assigned to ...
The operation of IoT and embedded devices relies on an operating system that stores configuration and executable files in a file system embedded in the firmware. This article focuses on analyzing the contents of that file system, which can provide crucial information about how the device operates and where it is vulnerable. The following sections present the general process for analyzing the contents of a file system, starting with an understanding of the start-up process and the services it launches, and then giving an overview of the file types most worth focusing on when searching for information. The fifth stage of the OWASP Firmware Security Testing Methodology aims to obtain as much information about the operation of the system as possible ...
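The start-up analysis described for this step can be scripted once the root filesystem has been extracted. The following Python is an added example written for this page, not code from the article or from the OWASP methodology: it resolves what /sbin/init points to, reads a BusyBox-style /etc/inittab, lists the binaries started by rcS and the S* scripts, and then pulls out the file types that pay off most often (password hashes in passwd/shadow, PEM private keys, setuid binaries). The sample rootfs it builds in a temporary directory is constructed for the demonstration; the file names, hashes and the telnet daemon in it are placeholders, not findings from any device.

```python
"""Triage an extracted embedded-Linux rootfs: boot path, services, credentials, keys, setuid."""
import os
import re
import stat
import tempfile
from pathlib import Path
from typing import Dict, List

INITTAB_RE = re.compile(r"^([^:#]*):([^:]*):(\w+):(.*)$")  # BusyBox id:runlevels:action:process
BIN_RE = re.compile(r"(?<![\w/])(/(?:usr/(?:local/)?)?s?bin/[\w.\-]+)")  # absolute binary paths
PRIVATE_KEY_RE = re.compile(rb"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")
LOCKED = {"", "x", "*", "!", "!!"}  # password fields that carry no usable hash


def resolve_init(root: Path) -> str:
    """Where /sbin/init really points. Symlinks in an extracted image are absolute paths into the
    image, so read the link text instead of letting pathlib resolve it against the host."""
    init = root / "sbin" / "init"
    if init.is_symlink():
        target = os.readlink(init)
        return target if target.startswith("/") else os.path.normpath("/sbin/" + target)
    return "/sbin/init" if init.exists() else ""


def parse_inittab(root: Path) -> List[Dict[str, str]]:
    """sysinit/respawn entries are what runs before any login: the first attack surface to inspect."""
    path = root / "etc" / "inittab"
    if not path.is_file():
        return []
    entries = []
    for line in path.read_text(errors="replace").splitlines():
        m = INITTAB_RE.match(line.strip())
        if m:
            entries.append({"id": m.group(1), "action": m.group(3), "process": m.group(4).strip()})
    return entries


def launched_binaries(root: Path) -> Dict[str, List[str]]:
    """For rcS and each S* script (the order the usual rcS loop runs them), the binaries referenced."""
    initd = root / "etc" / "init.d"
    out: Dict[str, List[str]] = {}
    if not initd.is_dir():
        return out
    for script in sorted(initd.iterdir()):
        if script.is_file() and (script.name == "rcS" or script.name.startswith("S")):
            found: List[str] = []
            for line in script.read_text(errors="replace").splitlines():
                if not line.lstrip().startswith("#"):
                    found += [b for b in BIN_RE.findall(line) if b not in found]
            out[script.name] = found
    return out


def local_accounts(root: Path) -> List[Dict[str, str]]:
    """Accounts with a usable hash in /etc/passwd or /etc/shadow. Embedded images often keep the
    hash in passwd itself, and the same hash tends to ship on every unit."""
    users: Dict[str, Dict[str, str]] = {}
    for name in ("passwd", "shadow"):
        path = root / "etc" / name
        if not path.is_file():
            continue
        for line in path.read_text(errors="replace").splitlines():
            fields = line.split(":")
            if len(fields) >= 2 and fields[1] not in LOCKED:
                users[fields[0]] = {"user": fields[0], "hash": fields[1], "source": f"/etc/{name}"}
    return list(users.values())


def find_files(root: Path, want) -> List[str]:
    """Image-relative paths of regular files matching want(); symlinks skipped (they point into the host)."""
    return sorted("/" + str(p.relative_to(root)) for p in root.rglob("*")
                  if not p.is_symlink() and p.is_file() and want(p))


def triage(root: Path) -> Dict[str, object]:
    is_key = lambda p: p.stat().st_size < 64 * 1024 and PRIVATE_KEY_RE.search(p.read_bytes()) is not None
    # setuid/setgid bits only mean something if extraction preserved modes (e.g. unsquashfs run as root)
    is_suid = lambda p: p.stat().st_mode & (stat.S_ISUID | stat.S_ISGID) != 0
    return {"init": resolve_init(root), "inittab": parse_inittab(root),
            "launched": launched_binaries(root), "accounts": local_accounts(root),
            "private_keys": find_files(root, is_key), "setuid": find_files(root, is_suid)}


def build_sample_rootfs() -> Path:
    """Constructed BusyBox-style rootfs in a temp dir (not a real device): a telnet daemon started at
    boot, a root hash in passwd, an admin hash in shadow, a PEM host key and a setuid debug binary."""
    root = Path(tempfile.mkdtemp(prefix="rootfs_"))
    for d in ("bin", "sbin", "etc/init.d", "etc/ssh", "usr/sbin"):
        (root / d).mkdir(parents=True)
    (root / "bin/busybox").write_bytes(b"\x7fELF" + b"\x00" * 60)
    (root / "sbin/init").symlink_to("/bin/busybox")
    (root / "etc/inittab").write_text("# constructed\n::sysinit:/etc/init.d/rcS\n"
                                      "::respawn:/sbin/getty -L ttyS0 115200 vt100\n::ctrlaltdel:/sbin/reboot\n")
    (root / "etc/init.d/rcS").write_text("#!/bin/sh\nmount -t proc proc /proc\n"
                                         "for i in /etc/init.d/S??* ; do $i start ; done\n")
    (root / "etc/init.d/S50telnet").write_text("#!/bin/sh\n/usr/sbin/telnetd -l /bin/login &\n")
    (root / "etc/passwd").write_text("root:$1$salt$constructedhashvalue:0:0:root:/:/bin/sh\n"
                                     "admin:x:1000:1000::/:/bin/sh\nnobody:x:99:99::/:/bin/false\n")
    (root / "etc/shadow").write_text("root:*:0:0:99999:7:::\nadmin:$5$salt$constructedhashvalue:0:0:99999:7:::\n")
    (root / "etc/ssh/ssh_host_rsa_key").write_bytes(
        b"-----BEGIN RSA PRIVATE KEY-----\nconstructed\n-----END RSA PRIVATE KEY-----\n")
    tool = root / "usr/sbin/debug_tool"
    tool.write_bytes(b"\x7fELF" + b"\x00" * 60)
    tool.chmod(0o4755)
    return root


if __name__ == "__main__":
    for key, value in triage(build_sample_rootfs()).items():
        print(f"{key}: {value}")
```

Point `triage()` at the directory produced by unsquashfs, jefferson or a loop mount. The two habits worth keeping from this script are never following symlinks out of the image (an absolute link to /bin/busybox resolves to your own host otherwise) and reading inittab before reading rcS, since a respawn entry is a service even if no init script mentions it.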
Many IoT devices run an embedded Linux operating system that is included in the firmware image along with its file systems. This article discusses how to identify and extract the file system from a firmware image. The file system contains the executables, configuration files, scripts and services run by the operating system, so accessing it allows an in-depth analysis of how an IoT device works and what it is made of. The analysis can be divided into an initial reconnaissance phase, the identification of the file systems present in the firmware, and their extraction or mounting. The fourth stage of the OWASP Firmware Security Testing Methodology aims to identify the file systems that can be found in a firmware image, detect the ...
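Identifying the file systems inside an image comes down to finding their magic bytes and then validating the header behind each match, because a bare signature hit is frequently a false positive. The Python below is an added example for this page, not the article's own tooling: it scans a dump for the magics of SquashFS, CramFS, JFFS2, UBI/UBIFS and the containers they usually sit in, parses the 96-byte SquashFS 4.x superblock (field order from squashfs_fs.h), checks that the block size, compressor and bytes_used fields are consistent, and carves the image so it can be handed to unsquashfs. The sample dump it builds is constructed: a uImage header stub, a gzip magic standing in for the kernel, padding, and a synthetic SquashFS whose superblock is valid but whose body is filler.

```python
"""Find filesystem images inside a raw firmware dump and carve a SquashFS by its superblock."""
import struct
from dataclasses import dataclass
from typing import List, Optional

# Magic bytes of filesystems (and a few containers they sit inside) common in embedded firmware.
# ext2/3/4 is left out on purpose: its 2-byte magic (0xEF53 at superblock offset 0x38) is only
# meaningful after a superblock parse, not as a bare byte search.
SIGNATURES = {
    b"hsqs": "squashfs (little-endian)",
    b"sqsh": "squashfs (big-endian)",
    b"\x45\x3d\xcd\x28": "cramfs (little-endian)",
    b"\x28\xcd\x3d\x45": "cramfs (big-endian)",
    b"\x85\x19\x02\xe0": "jffs2 inode node (little-endian)",
    b"\x85\x19\x01\xe0": "jffs2 dirent node (little-endian)",
    b"UBI#": "ubi erase-counter header",
    b"\x31\x18\x10\x06": "ubifs superblock node",
    b"\x27\x05\x19\x56": "u-boot uImage header (container)",
    b"\x1f\x8b\x08": "gzip stream (container)",
    b"\xfd7zXZ\x00": "xz stream (container)",
}

# SquashFS 4.x superblock, little-endian, 96 bytes: magic, inodes, mkfs time, block size, fragments,
# compressor, block_log, flags, id count, major, minor, root inode, bytes_used, six table offsets.
SQUASHFS_SB = struct.Struct("<4sIIIIHHHHHHQQQQQQQQ")
SQUASHFS_COMPRESSORS = {1: "gzip", 2: "lzma", 3: "lzo", 4: "xz", 5: "lz4", 6: "zstd"}


@dataclass
class Hit:
    offset: int
    kind: str


@dataclass
class SquashfsInfo:
    offset: int
    version: str
    inodes: int
    block_size: int
    compressor: str
    bytes_used: int

    @property
    def end(self) -> int:
        return self.offset + self.bytes_used


def scan_signatures(blob: bytes) -> List[Hit]:
    """Every occurrence of every signature, sorted by offset. A match is only a candidate: JFFS2 node
    magics repeat on every flash page and 3-byte magics turn up inside random data."""
    hits = []
    for magic, kind in SIGNATURES.items():
        pos = blob.find(magic)
        while pos != -1:
            hits.append(Hit(pos, kind))
            pos = blob.find(magic, pos + 1)
    return sorted(hits, key=lambda h: h.offset)


def parse_squashfs(blob: bytes, offset: int) -> Optional[SquashfsInfo]:
    """Validate a little-endian SquashFS 4.x superblock at offset; None when its fields are inconsistent."""
    if len(blob) - offset < SQUASHFS_SB.size:
        return None
    (magic, inodes, _mtime, block_size, _frags, comp, block_log, _flags, _ids,
     major, minor, _root, bytes_used, *_tables) = SQUASHFS_SB.unpack_from(blob, offset)
    if magic != b"hsqs" or major != 4:
        return None
    # Weed out accidental matches: block size is a power of two between 4 KiB and 1 MiB, block_log
    # must agree with it, and the image announced by bytes_used has to fit inside the dump.
    if block_size != 1 << block_log or not 4096 <= block_size <= 1 << 20:
        return None
    if comp not in SQUASHFS_COMPRESSORS or bytes_used < SQUASHFS_SB.size or offset + bytes_used > len(blob):
        return None
    return SquashfsInfo(offset, f"{major}.{minor}", inodes, block_size,
                        SQUASHFS_COMPRESSORS[comp], bytes_used)


def carve_squashfs(blob: bytes) -> List[SquashfsInfo]:
    """Every SquashFS whose superblock validates; blob[fs.offset:fs.end] is the image. Real images are
    padded to a 4 KiB boundary after bytes_used; unsquashfs accepts either length."""
    found = []
    for hit in scan_signatures(blob):
        if hit.kind == "squashfs (little-endian)":
            fs = parse_squashfs(blob, hit.offset)
            if fs:
                found.append(fs)
    return found


def build_sample_dump() -> bytes:
    """Constructed dump, not a real device image: 64-byte uImage header stub, gzip magic plus filler
    for the kernel, 0xFF padding to a 4 KiB boundary, then a synthetic SquashFS (xz, 128 KiB blocks)."""
    uimage = b"\x27\x05\x19\x56" + b"\x00" * 60
    kernel = b"\x1f\x8b\x08" + b"K" * 2045
    padding = b"\xff" * (0x1000 - len(uimage) - len(kernel))
    body = b"S" * 6000
    superblock = SQUASHFS_SB.pack(b"hsqs", 123, 0, 1 << 17, 7, 4, 17, 0xC0, 1, 4, 0,
                                  0, SQUASHFS_SB.size + len(body), 0, 0, 0, 0, 0, 0)
    return uimage + kernel + padding + superblock + body


if __name__ == "__main__":
    dump = build_sample_dump()
    for hit in scan_signatures(dump):
        print(f"0x{hit.offset:08x}  {hit.kind}")
    for fs in carve_squashfs(dump):
        name = f"squashfs_{fs.offset:08x}.bin"
        with open(name, "wb") as f:
            f.write(dump[fs.offset:fs.end])
        print(f"carved {fs.compressor} squashfs v{fs.version}, {fs.inodes} inodes -> unsquashfs -d rootfs {name}")
```

Big-endian SquashFS ("sqsh") is reported but not carved here: the same superblock layout applies with a ">" struct format, which is the one-line change needed for MIPS-BE targets. For JFFS2 and UBI there is no single superblock to carve from; the usual route is to cut from the first node to the end of the partition and hand the slice to jefferson or ubireader.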
Analyzing a firmware dump is not a simple task that can be reduced to a fixed set of steps valid for every case. Several techniques that help extract data from these dumps are reviewed below. During firmware analysis it is common to run into undocumented formats, proprietary solutions and even encrypted data. For this reason, it is important not to lose the context in which the analysis is performed and to take into account all the information gathered in the previous steps. With this context in mind, it is possible to make a judicious choice among the tools and techniques proposed here for analyzing firmware. Next, it is proposed to transform the available firmware dump ...
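The first thing to do with an undocumented or possibly encrypted dump is an entropy profile, because it tells you where signature and string scans can work at all and where a compressed or encrypted payload begins. The Python below is an added example for this page, not code from the article: it computes Shannon entropy over fixed windows, merges the windows into labelled regions, and runs on a constructed dump made of erased flash, BusyBox-style text and a block in which every byte value occurs equally often (a stand-in for compressed data). The window size and the 1.0/7.5 thresholds are rules of thumb chosen for the example, not standard values.

```python
"""Sliding-window Shannon entropy over a firmware dump to separate padding, code and compressed/encrypted regions."""
import math
from collections import Counter
from typing import List, Tuple


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for a single repeated value, 8.0 when all 256 values are equally frequent."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def entropy_profile(blob: bytes, window: int = 1024) -> List[Tuple[int, float]]:
    """(offset, entropy) per consecutive window. Window size matters: over only 256 bytes even truly
    random data scores about 7.2, because most byte values cannot appear, so use 1 KiB or more."""
    return [(off, shannon_entropy(blob[off:off + window])) for off in range(0, len(blob), window)]


def classify_regions(blob: bytes, window: int = 1024,
                     high: float = 7.5, low: float = 1.0) -> List[Tuple[int, int, str]]:
    """Merge adjacent windows with the same label into (start, end, label) regions.
      high  - compressed or encrypted: nothing for signature or string scans to find, so look for a
              container header (gzip/LZMA/xz) at the start or for a key elsewhere in the dump
      low   - erased flash (0xFF), zero padding or a repeated fill byte
      mixed - code, strings and tables: where binwalk and strings pay off first
    """
    regions: List[list] = []
    for off, h in entropy_profile(blob, window):
        label = "high" if h >= high else "low" if h <= low else "mixed"
        if regions and regions[-1][2] == label:
            regions[-1][1] = off + window
        else:
            regions.append([off, off + window, label])
    if regions:
        regions[-1][1] = min(regions[-1][1], len(blob))  # last window may be partial
    return [tuple(r) for r in regions]


def build_sample_dump() -> bytes:
    """Constructed dump, not a real image: 2 KiB of erased flash, 2 KiB of BusyBox-style text, then
    2 KiB in which every byte value occurs equally often, standing in for a compressed payload."""
    erased = b"\xff" * 2048
    text = (b"BusyBox v1.31.1 multi-call binary.\nUsage: busybox [function] [arguments]...\n" * 40)[:2048]
    payload = bytes(range(256)) * 8
    return erased + text + payload


if __name__ == "__main__":
    for start, end, label in classify_regions(build_sample_dump()):
        print(f"0x{start:08x}-0x{end:08x}  {label}")
```

Read the output against the flash layout from the earlier steps: a high-entropy region that starts exactly at a partition boundary and has no gzip, LZMA or xz header at its first bytes is the usual sign of an encrypted image, and the decryption routine is then worth hunting for in the mixed region that precedes it, typically the bootloader.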