Hijacking NTLM-powered Mobile Apps (Part 1 - Cracking with Responder)

Doing a black-box test of a mobile app that uses NTLM authentication to speak to the web service? You may find your typical tools won’t work. Read on for information on intercepting, inspecting, and modifying the API calls. You might even get lucky and crack a clear-text master password.

September 30, 2018 · initstring

Out-of-Band XXE in Plex Media Server

The XML parsing engine for Plex Media Server’s SSDP/UPNP functionality was vulnerable to an XML External Entity Processing (XXE) attack. This would have allowed attackers to access arbitrary files and capture NetNTLM challenge/response.

August 1, 2018 · initstring

How to Lose Your Bitcoins: Part 2 (Cracking Bitcoin Core wallet.dat Files)

This is part two in a series of blogs on cryptocurrencies and security. The goal is to show how passwords can be recovered for encrypted Bitcoin Core (or Satoshi Client) wallets.

February 5, 2018 · initstring

How to Lose Your Bitcoins: Part 1 (Cracking Encrypted USB Drives)

This is part one in a series of blogs on cryptocurrencies and security. The goal is to show how your private keys could be extracted from an encrypted USB stick, like a Tails OS persistent volume.

January 18, 2018 · initstring

Penetration Testing Flash Apps (aka “How to Cheat at Blackjack”)

In this post, we will walk through detailed steps to intercept, review, modify, and replay Flash-based web apps. For demonstration purposes, I’ve selected a blackjack-style card game.

September 17, 2017 · initstring

Hacking a Pizza Order with Burp Suite

A real-life example of bypassing UI restrictions in a web application.

September 3, 2017 · initstring

How to Spy on Your Android Phone

Beginner’s guide to intercepting HTTP traffic on Android.

July 28, 2017 · initstring

Scraping Song Lyrics for Password Attacks

Generate targeted password wordlists based on song lyrics for specific artists.

April 26, 2017 · initstring