GoSecure Blog

Auditing CSP headers with Burp and ZAP

Content Security Policy (CSP) is an HTTP header that instructs the browser to restrict which media, styles and scripts it may load.

Topics: auditor, burp, csp, tool, zap, header, http, plugin

Detecting Hidden Backdoors in PHP OPcache

In this article, we will be looking at the strategies to detect and analyze malware hidden inside an OPcache file. If you haven't read our previous article about hiding a binary webshell inside a PHP7 OPcache file, we suggest reading it before moving on.

Topics: backdoor, opcache, php, php7

Oracle PeopleSoft: still a threat for enterprises

In 2015, Alexey Tyurin from ERPScan presented at the Hack-In-The-Box Amsterdam conference [2][3] multiple attack vectors to defeat the widely used Oracle PeopleSoft (or PS) system. Many companies in various market verticals rely on this massive and complex software to host confidential information about their employees, their students or even the financial results of the company. Furthermore, many corporations expose this platform on the Internet, especially when relying on PS for career portals or student portals. A year later, I am still amazed to see publicly accessible systems or internal PeopleSoft deployments during our intrusion testing practice that are vulnerable to these common attack vectors. These deployments fail to deliver a useful result, putting the identity of the entire company workforce at risk. The following post will explain how to attack the PS_TOKEN, as well as describe our contributions to John the Ripper and oclHashcat in order to speed up the cracking process.

Topics: threat, enterprise, oracle, password, peoplesoft

Binary Webshell Through OPcache in PHP 7

In this article, we will be looking at a new exploitation technique using the default OPcache engine from PHP 7. Using this attack vector, we can bypass certain hardening techniques that disallow file write access in the web directory. This could be used by an attacker to execute their own malicious code in a hardened environment.

Topics: web, exploitation, opcache, php, php7, Featured

Your credentials at risk with Lansweeper 5

As penetration testers, we rarely have to find ‘zero day’ vulnerabilities or perform ‘bug hunting’ in order to compromise Windows Active Directory domains. However, in one of these rare cases, while performing an internal penetration test for a client, we had to do so. Lansweeper is an inventory software that scans your network in order to gather system information such as patch level, network interfaces, resource status, etc. We were fairly surprised during this test when we were able to access Lansweeper 5's dashboard with a regular user account. Our customer was actually shocked and swore that he had configured only Domain Admin access on this web interface. According to him, a recent update must have reset the login permissions on the dashboard. At first, we were doubtful that explanation would hold up to scrutiny. Our curiosity increased when we realized that Domain Admin accounts, SSH keys, Linux root passwords and all the “juicy stuff” one normally finds in a password vault are stored on a Lansweeper server. The result of our experimentation: three vulnerabilities were identified that led to the full compromise of our customer’s network infrastructure. Later that week, our client sent us a copy of an email exchange with Lansweeper (formerly Hemoco) confirming the issues reported and that everything should be fixed by version 6.

Topics: cryptography, exploitation, lansweeper, password

On the road to AtlSecCon

AtlSecCon is almost here! Philippe and I are pretty excited to be speaking there this year!

Topics: Atl Sec Con, conference

XSS for ASP.net developers

As a follow-up to the talk given at Confoo a few weeks ago, we are doing a focused article on the same topic. The presentation gave an overview of modern XSS attack vectors and filter bypasses. In this blog post, we will take a closer look at XSS in the context of .NET applications.

Topics: ASP.net, Confoo, RequestValidation, XSS

GoSecure proud to support AtlSecCon and NorthSec 2016

At GoSecure we believe that improving the security posture of Canadian companies has to happen through better security awareness and education of IT professionals.

Topics: Atl Sec Con, NorthSec

Internet of Threats, an OWASP Montreal Presentation

Our own Olivier Bilodeau will be presenting with Thomas Dupuy of ESET Canada Research about malware affecting "Internet of Things" (IoT) devices. The event is free and hosted by OWASP Montréal in downtown Montreal.

The presentation will be in French with the slides in English.

Here is the abstract:

More and more devices are connected to the Internet. Under the moniker "Internet of Things" (IoT), these "things" generally run an embedded Linux system on the MIPS or ARM architecture. The unresolved problem of software updates and short vendor support cycles, combined with the lack of effort put into system security and application security, make these devices an easy target. Over the last year we have analyzed several malware samples targeting these architectures. Internet-accessible embedded systems are being compromised via vulnerabilities (like Shellshock) or because of their weak default configuration.

Our presentation will cover some of the analysis we performed:

  • Linux/Moose, a malware that propagates by itself and performs social network fraud on Twitter, Facebook, Instagram and more
  • LizardSquad and foreign actors that are leveraging embedded systems to perform distributed denial of service (DDoS) attacks
  • Win32/RBrute, desktop malware that changes router settings in order to infect more victims. It is distributed by the Sality botnet.
  • An exploit kit that leverages router vulnerabilities through a web browser to perform "DNS poisoning"

Finally, some advice will be given to the audience in order to help protect themselves, their organizations and their families.

Topics: malware, IoT, conference, linux, moose