Select Page

Reverse Engineer Router Firmware – Part 1

This series will follow the process of reverse engineering router firmware with the purpose of discovering any vulnerabilities that could be used either remotely or locally to compromise the router. In this section I will mainly be covering how to extract/download the...

SECFORCE will be presenting at OWASP

SECFORCE will present Tunna framework and a number of techniques penetration testers can benefit from to bypass network firewalls. The presentation will include common scenarios in which HTTP tunnels can be use to bridge the gap between web application testing and...

4G LTE: Architecture and Security Concerns

4G is the fourth generation of mobile communication standards and it is very well underway to succeed the 3G technology and offer broadband performance, voice-video multimedia applications, significant increases in data rates and even better security(?). The main...

From CVS import to cmd.exe – via SQL injection

This blog post explains the process that we followed in a recent penetration test to gain command execution from a CVS import feature. One of the most challenging issues was that we had to escape commas during the SQL injection attack, as it would break the CVS...