Reading time: ~1 min | Posted by Haroon Meer on 29 December 2008
Those pesky hackers! Alex Sotirov (of heap feng shui fame, famous for breaking everything from Vista, to web browsers, to...
Reading time: Less than a minute | Posted by Haroon Meer on 29 December 2008
or maybe not… The twitters informed me that Singe uncovered a case of brand plagiarism!!!1! -snip- -snip- So lets review.....
Reading time: Less than a minute | Posted by Haroon Meer on 28 December 2008
(an open source web crawling and screen scraping framework written in Python..) i promised deels i wld stay off the...
Reading time: Less than a minute | Posted by Haroon Meer on 23 December 2008
(aka 2 completely unrelated topics) You can grab a free copy of the Hackin9 magazine [here] And you can view...
Reading time: ~4 min | Posted by nick on 20 December 2008
The last few weeks have brought some fairly interesting predictions for 2009 to bear in CSO Magazine columns. Two recent...
Reading time: Less than a minute | Posted by Charl van der Walt on 18 December 2008
I got contacted the other day (via LinkedIn actually, which is a 1st for me) about a PCI conference some...
Reading time: Less than a minute | Posted by Charl van der Walt on 18 December 2008
I wanted to remind folk that the CFP for the ITWeb Security Summit closes on 26 Jan 2009. You can...
Reading time: Less than a minute | Posted by francesco on 15 December 2008
The latest version of Wikto (2.1) is available for download here. New features include time anomaly reporting and easier access...
Reading time: Less than a minute | Posted by Haroon Meer on 02 December 2008
Microsoft has posted selected videos of the latest BlueHat talks [here]. It’s pretty cool that they are now releasing these...
Reading time: Less than a minute | Posted by Haroon Meer on 29 November 2008
While i normally find “Linux ported to run on your [nintendo/toaster/foo]” stories only academically interesting, i think the thought of...
Reading time: Less than a minute | Posted by Haroon Meer on 28 November 2008
Our good friend Anthony Olivier has launched his “IT Security Pubcast“. So far 2 episodes are online, with episode #2...
Reading time: ~1 min | Posted by Charl van der Walt on 28 November 2008
A couple of months back SensePost were asked by a prominent South African media company to assist in the selection...
Reading time: Less than a minute | Posted by Haroon Meer on 26 November 2008
Wired magazine has covered the DNSGate saga with full dramatic details like: “never, ever repeat what you just told me...
Reading time: Less than a minute | Posted by Charl van der Walt on 11 November 2008
As a Christmas special we have scheduled an additional training course, Hacking By Numbers – Extended Edition (Bootcamp) in Pretoria,...
Reading time: Less than a minute | Posted by Haroon Meer on 06 November 2008
Anyone who was around for Defcon-10 will have an opinion on the infamous Gobbles-Silvio-UnixTerrorist talk in which mail spools where...
Reading time: Less than a minute | Posted by Haroon Meer on 04 November 2008
For those writing apps for the iPhone, you have a good chance of bumping into the highly annoying preflighting application...
Reading time: Less than a minute | Posted by Haroon Meer on 03 November 2008
Slides from the latest Hack in the Box conference [are available] [SensePost slides are listed as owing / not there...
Reading time: ~1 min | Posted by Haroon Meer on 28 October 2008
When you blog a link to poetry: [The man watching] is a poem by Rainer Maria Rilke, that i picked...
Reading time: Less than a minute | Posted by Haroon Meer on 23 October 2008
EC2 is now out of beta, and supports windows based ANI’s. [Big Day for EC2] EC2 blows my mind, and...
Reading time: Less than a minute | Posted by Haroon Meer on 19 October 2008
The full videos from the OWASP NYC Conf have been posted. At least one BlackHat re-run, but some look well...
Reading time: Less than a minute | Posted by francesco on 10 October 2008
Good news to all the blah’ers out there! The BETA version of BiDiBLAH 2 is available for download here. As...
Reading time: ~1 min | Posted by evert on 06 October 2008
Gegroet just a quick note on VM. Google is now offering Google Blog Search Beta and I thought it interesting...
Reading time: Less than a minute | Posted by Haroon Meer on 18 September 2008
By now everyone knows that John McCain’s running mate Sarah Palin had her yahoo email account hacked. I guess a...
Reading time: Less than a minute | Posted by Haroon Meer on 12 September 2008
[Solve mazes with Photoshop (or gimp)] i must confess that while i understand the logic of flood-fill doing a depth...
Reading time: Less than a minute | Posted by Haroon Meer on 11 September 2008
Introducing [http://www.reddit.com/r/ReverseEngineering/]
(like its name suggests, a reddit thats all about Code RE..)
Reading time: ~1 min | Posted by Charl van der Walt on 10 September 2008
We have scheduled our first training course for our new year, Hacking By Numbers – “Extended” Edition – for October...
Reading time: ~1 min | Posted by Haroon Meer on 02 September 2008
Google have thrown their hat in the browser-ring, which many have predicted. [Chrome] should be coming soon to downloads near...
Reading time: Less than a minute | Posted by Haroon Meer on 27 August 2008
A completely non-security related (but totally geek) blog that always makes me smile is [http://indexed.blogspot.com/]. We had just started the...
Reading time: ~1 min | Posted by behrang on 27 August 2008
APSB08-15 is the latest adobe security advisory regarding a memory corruption vulnerability in Acrobat Reader versions <8.1.2 As expected, the advisory...
Reading time: ~1 min | Posted by Haroon Meer on 25 August 2008
Hey guys.. Our BlackHat/Defcon talk this year featured a few tools that we promised to release.. The first tool, or...
Reading time: Less than a minute | Posted by Haroon Meer on 22 August 2008
The video of the much publicized pwnie awards has been posted to the interwebs [gvideo link] Locals (SensePosters) can grab...
Reading time: Less than a minute | Posted by Haroon Meer on 18 August 2008
Hey guys.. Most of our BlackHat/Defcon team has arrived back home in one piece.. I landed with a fever and...
Reading time: Less than a minute | Posted by francesco on 15 August 2008
Quick update on your favourite brute forcer… The file input “MS EOF char” issue has been resolved, and provision has...
Reading time: Less than a minute | Posted by marco on 24 July 2008
Kaminsky’s thunder has all but evaporated into a fine mist, and Ptacek has gone all silent. In the meantime, the...
Reading time: Less than a minute | Posted by Haroon Meer on 15 July 2008
While doing some prodding on SQL Server, i came across this newness (of course this is probably old hat to...
Reading time: Less than a minute | Posted by glenn on 15 July 2008
Kaspersky will show how processor bugs can be exploited using certain instruction sequences and a knowledge of how Java compilers...
Reading time: ~1 min | Posted by Haroon Meer on 11 July 2008
Mostly we have stayed silent, because too many people have commented too much already.. It was interesting however how Ptacek...
Reading time: Less than a minute | Posted by marco on 07 July 2008
found this online last night. try in FF or IE7: javascript:document.body.contentEditable='true'; document.designMode='on'; void 0 then edit the page in-place, screenshot,...
Reading time: Less than a minute | Posted by Haroon Meer on 05 July 2008
Cause this puts Perl right back in the game! -snip- > sudo perl -MCPAN -e shell cpan> install Acme::LOLCAT install ...
Reading time: Less than a minute | Posted by Haroon Meer on 17 June 2008
I am probably one of the last ppl around to discover this, but ill post it here for the (probably)...
Reading time: ~1 min | Posted by marco on 13 June 2008
since forever, i’ve been told (and told others) that the greatest threat is from the inside. turns out, not so...
Reading time: ~1 min | Posted by Haroon Meer on 12 June 2008
The recent Safari Carpet Bombing bug reported by Nitesh Dhanjani and ignored by Apple had all the makings of an...
Reading time: ~1 min | Posted by Haroon Meer on 08 June 2008
but since it made me eat crow, i figured i would share it.. Although i read a fair bit, i...
Reading time: Less than a minute | Posted by Haroon Meer on 02 June 2008
Some of the DC16 speaker summaries have been posted, and these 2 caught my eye: Time-Based Blind SQL Injection using...
Reading time: ~5 min | Posted by Haroon Meer on 22 May 2008
Earlier this week we had an internal presentation on Attacking ActiveX Controls. The main reason we had it is because...
Reading time: Less than a minute | Posted by Haroon Meer on 13 May 2008
Then you probably should get on this one… [Problems with Random Number Generator] While it looks like an arb openssl...
Reading time: ~2 min | Posted by Charl van der Walt on 28 April 2008
Hello All, Some of you might remember that I climbed Mount Kilimanjaro two years ago. What you might not know...
Reading time: Less than a minute | Posted by Haroon Meer on 16 April 2008
Uninformed has certainly done awesomely at filling in the gap left when phrack went silent, but there is something nostalgic...
Reading time: Less than a minute | Posted by Haroon Meer on 01 April 2008
Whoa! time flies when you having fun…
Reading time: ~1 min | Posted by Haroon Meer on 29 March 2008
from the SourceBoston videos i blogged about: Dr Geer never disappoints, and kicked it off with the 4 rules on...
Reading time: Less than a minute | Posted by Haroon Meer on 24 March 2008
SourceBoston completed its first conference earlier this month, and some of the slide decks and videos are up.. While the...
Reading time: Less than a minute | Posted by Haroon Meer on 19 March 2008
Apparently the two _are_ mutually exclusive.. [according to the NY Times…] -snip- According to the study, published in February in...
Reading time: ~1 min | Posted by Haroon Meer on 13 March 2008
At last years BlackHat USA a bunch of us played some American geeks a game of late night parking lot...
Reading time: ~9 min | Posted by Haroon Meer on 09 March 2008
Ok.. so the title clearly isnt true.. but it made more sense than saying something about the altered geographic location...
Reading time: Less than a minute | Posted by Shane Kemp on 06 March 2008
“SensePost have once again been invited to join the South African Department of Trade and Industry at Cebit, as one...
Reading time: Less than a minute | Posted by Haroon Meer on 04 March 2008
Peltier and Associates have released their massive “Peltier Effect – Year in Review 2007“. The collection comes in at a...
Reading time: ~3 min | Posted by glenn on 28 February 2008
On a recent assessment we came across the following scenario: 1) We have command execution through a web command interpreter...
Reading time: Less than a minute | Posted by Haroon Meer on 27 February 2008
-sigh- the topic is stolen directly from the [DarkReading Article] -snip- It’s yet another new spin on a pervasive attack...
Reading time: Less than a minute | Posted by Haroon Meer on 21 February 2008
So felten et al basically figured that cooling dram chips allows an attacker to move them to another machine where...
Reading time: ~1 min | Posted by Haroon Meer on 18 February 2008
(my first X-Rated blog post.. i should hook up ad-words and watch the money roll in!) Ok.. our Zimbabwean recruit...
Reading time: Less than a minute | Posted by Haroon Meer on 18 February 2008
Many people took a crack at “what tool will work to replace mangler, out of the box” and so we...
Reading time: Less than a minute | Posted by Haroon Meer on 18 February 2008
So everyone uses the live search engine with a ip: when trying to locate virtual hosts. I used domaintools in...
Reading time: Less than a minute | Posted by lohan on 18 February 2008
H said that there is a tool that will do the HTTP Mangler functionality out of the box. So here...
Reading time: ~1 min | Posted by Haroon Meer on 15 February 2008
Old timers here will know about the concept of bruteforcing DNS using the clues available.. i.e. zone transfers disabled, but...
Reading time: ~1 min | Posted by Haroon Meer on 10 February 2008
While im into posting mac-links.. Check out [Webkit] A little while back i mentioned not understanding why anyone would run...
Reading time: Less than a minute | Posted by Haroon Meer on 09 February 2008
For those of you who have not yet tried it, check out Tooble. Its a point and click tool that...
Reading time: ~1 min | Posted by Charl van der Walt on 28 January 2008
Black Hat DC this year is supposed to be “a different kind of Black Hat”. There are four tracks over...
Reading time: Less than a minute | Posted by Haroon Meer on 26 January 2008
John is one of the bright guys over at NGS, and judging by his track record will boost the signal...
Reading time: Less than a minute | Posted by Charl van der Walt on 23 January 2008
This quote reminded of something H always says: “When opportunity comes… its too late to prepare” – John Wooden –...
Reading time: Less than a minute | Posted by Haroon Meer on 15 January 2008
a) its my birthday in a few days
b) Apple just announced the new macbookair..
Coincidence??? i think not!!!
Reading time: ~1 min | Posted by Haroon Meer on 10 January 2008
There has been a fair bit of blog buzz about the new SQL Injection worm that ran around infecting sites....
Reading time: ~2 min | Posted by Haroon Meer on 08 January 2008
Over the past while we have been getting emails from people trying to figure out why they had entries like...
Reading time: Less than a minute | Posted by Ian de Villiers on 03 January 2008
A seasonal Wikto version was released on the 22nd (Version 2.0.2911-20215) which has an issue with the web spider functionality....
Reading time: ~1 min | Posted by Haroon Meer on 03 January 2008
a) At the end of the year we usually end up getting geek-gifts.. from SensePost, to SensePost.. Last years iPod...
Reading time: ~2 min | Posted by Haroon Meer on 01 January 2008
A long time ago i blogged on the joys of using VBS to automate bruteforcing [1|2]when one didnt want to...