Rants
End of Year
December 8th 2009
Kiwicon ]|[ is over, and what a great conference it was. The Windows exploitation training was well received, with 12 people attending. Insomnia helped in the setup and running of Skidwarz, a small hacking game run at Kiwicon.
We were hoping to bring back Tokemon, but simply ran out of time to have it ready for Kiwicon 3. Plans are underway to have it up and running next year though. The Skidwarz runner-up was Dean Jerkovich from Auckland, and the winner was James Burton from Dunedin.
In news for the new year, James will be joining the Insomnia Security team in a full-time position in 2010.
Kiwicon ]|[ Is Here
November 24th 2009
Kiwicon ]|[ is this weekend, and it looks like a fine lineup of speakers. Great to see a lot of new speakers, and even some new faces. Insomnia Security is running our Windows Shellcode and Buffer Overflow Exploitation 101 training course on the Friday beforehand. This year is a trial to see how well it works given the time and audience, but potentially next year it will be open for registrations.
If you think you may be interested, please let us know.
Kiwicon ]|[ CFP
August 11th 2009
The CFP for Kiwicon, New Zealand's only hacker conference, has been released. It can be found on the Kiwicon website. The dates have been set for November 28th and 29th in Wellington.
If you've never been before, I highly recommend it; if you have been before, then it's probably time that you submit that talk you've been working on.
OWASP NZ Day
July 20th 2009
Back from Syscan. Finally decided to release the slides from the presentation in the publications section. I'm still going to work on a white paper to go with it, hopefully out in the next couple of months.
OWASP New Zealand held their first full day security conference in Auckland on the 13th July. It was a great success, and a big thanks to the organisers. More details can be found on the OWASP web site under https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2009.
OWASP NZ Day
May 25th 2009
Looking forward to a couple of upcoming events in July. Firstly I'll be heading over to Singapore to present at Syscan, which is one of my favourite conferences ever. Thomas always looks after his speakers and Singapore has a lot to offer.
Also coming up on the 13th July, is the first full day OWASP event in New Zealand. Check out https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2009 for further details and speakers when they are announced.
Citrix Hacking
April 17th 2009
The year is flying past too fast. The recent conference demonstration went well. It showed a step-by-step hack into a Citrix environment that went from anonymous access, through a privilege escalation bug in Altiris, to taking over a domain administrator account and accessing the domain controller.
This time the demo went without a hitch.
Looking to release a whitepaper sometime in the next month or two which will cover hacking Citrix. Some new tools will also be released which can be used for penetration testing or other security reviews of Citrix installations.
OWASP
March 2nd 2009
Back from the OWASP conference, which was a lot of fun. Great venue and some good talks. Looking forward to getting back to the Gold Coast for AusCERT.
Another Year
January 12th 2009
Another year has rolled around, and summer is a scorcher for us at the moment. Hope everyone had a good break and is ready for what's to come. We have lots of stuff planned for this year, as long as we find the time to get things done.
Proud to announce that Brett Moore has been selected to present at the OWASP Australia 2009 conference and the AusCERT 2009 conference. If you are attending either of these, then be sure to say hello.
Christmas Patches
December 9th 2008
Microsoft have released a couple of patches for vulnerabilities we reported to them. Details can be found in the advisories section.
Ruxcon Recovery
December 2nd 2008
The Ruxcon team put together another awesome conference. Lots of good content and people to see there. It helped prove once again what a great security community there is in Australasia. Brett Moore gave his technical presentation about exploitation techniques that can be used when writing heap exploits for Windows 2003. The presentation can be found in the publications section.
OWASP NZ Presentation
November 6th 2008
Brett Moore presented at the OWASP NZ meeting, providing an introduction to Common Application Flaws. The presentation can be found in the publications section.
The meeting went very well and it was good to see a lot of new faces. If you are a web application developer working in New Zealand then it is highly recommended that you attend the meetings, held both in Auckland and Wellington.
Finally A Patch
October 20th 2008
Symantec have finally released a patch for a shatter attack issue in the Deployment Server client. We see this product throughout enterprises on a regular basis, and are unsure why corporates trust off-the-shelf products without requesting independent security reviews.
Anyway, it was an interesting bug that initially allowed exploitation through a hidden button, and then again through a LoadLibrary call. It can be found in the Advisories section.
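The recurring theme in these advisories is a privileged GUI process whose windows sit on the interactive desktop, where any logged-on user can send it window messages. The script below is an added example of the quick exposure check a reviewer would run on a Windows 2003-era host; it is not Insomnia's tooling and not code from the advisory. It assumes Windows PowerShell 3 or later with the CIM cmdlets, run as an ordinary interactive user; the function names and output columns are this example's own choices.

```powershell
# Added example (not from the original page): list the two classic
# shatter-attack preconditions on a host.
#   1. Services flagged "Allow service to interact with desktop", which
#      place their windows on the interactive desktop.
#   2. Processes with a top-level window that run as an account other
#      than the current user (typically SYSTEM), i.e. message targets
#      that would cross a privilege boundary.

function Get-DesktopInteractiveServices {
    # DesktopInteract is the WMI view of the "interact with desktop" flag.
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.DesktopInteract -eq $true } |
        Select-Object Name, DisplayName, StartName, State, PathName
}

function Get-PrivilegedWindowOwners {
    # Only processes with a main window visible to this session are
    # reported; hidden-window processes need EnumWindows via P/Invoke.
    $me = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name

    foreach ($p in (Get-Process | Where-Object { $_.MainWindowHandle -ne 0 })) {
        $cimProc = Get-CimInstance -ClassName Win32_Process -Filter "ProcessId = $($p.Id)"
        if ($null -eq $cimProc) { continue }

        # GetOwner returns Domain/User plus a ReturnValue (0 = success).
        $owner = Invoke-CimMethod -InputObject $cimProc -MethodName GetOwner
        if ($owner.ReturnValue -ne 0) { continue }

        $account = "$($owner.Domain)\$($owner.User)"
        if ($account -ne $me) {
            [PSCustomObject]@{
                ProcessId   = $p.Id
                Name        = $p.ProcessName
                Owner       = $account
                WindowTitle = $p.MainWindowTitle
                Handle      = $p.MainWindowHandle
            }
        }
    }
}

"== Services allowed to interact with the desktop =="
Get-DesktopInteractiveServices | Format-Table -AutoSize

"== Top-level windows owned by another account =="
Get-PrivilegedWindowOwners | Format-Table -AutoSize
```

Two caveats when reading the output. A hit on either list is a precondition, not proof of a bug: the target still needs a message handler that does something dangerous with attacker-supplied data (enabling a hidden button, or a control whose message takes a pointer or path that ends up in LoadLibrary, as in the advisory above). And on Vista, Server 2008 and later, session 0 isolation keeps service windows off the interactive desktop and UIPI blocks most messages from a lower integrity level, so the same listing on a modern host means far less.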
Post Kiwicon 2008
October 1st 2008
Kiwicon has come and gone, and once again proved itself to be a world-class security conference. For you overseas people, it is a great reason to come to New Zealand and then have a holiday in the snow or sun.

Tokemon was a great hit with the masses, and worked without a hitch. Thanks to all those that helped in the setup and running of the game: vex, sharrow, steve2, rzn, bls, nvd and any I can't recall.
Prizes were dished out as:
- Most points for a single person (aka most hackFU) - wolfie (he received the EEEPC prize pack)
- Most points per head (aka the most hacky team) - the hardc0re guys from Christchurch
- Most points for a team (aka the team that hacked the most) - crew from security-assessment.com
Kiwicon 2008
September 10th 2008
We have published a vulnerability advisory detailing the OneNote URI Handling vulnerability that was patched in the September round of updates. It can be found in the Advisories section.
The Kiwicon 2k8 speaker lineup has been confirmed, and the con is quickly approaching.
For those attendees that want to try out their skills, Insomnia in conjunction with Kiwicon will be running a hacking game called Tokemon on the Saturday night. Check out the website for more details, build your team and come along to participate.
Hijacking Putty Connections
July 31st 2008
Finally got around to releasing a fairly stable version of PuttyHijack V1.0. This is something I've been working on for a while, mainly floating around as an idea since Metlstorm released his SSHJacking tool. It's kind of a novelty tool but has been useful during live tests. Your mileage may vary!
Heap Exploitation
July 9th 2008
Just back from SyScan Singapore, which once again was filled with great speakers, guests, and one of the best hosts in the conference circuit. Our presentation detailing some heap exploitation techniques for Windows 2003 can be found in the Publications section.
We have published a vulnerability advisory detailing the heap overflow vulnerability in MS SQL Server 2005. It can be found in the Advisories section.
Time vs Time
June 18th 2008
Symantec released a patch for a shatter attack vulnerability in the Altiris Notification Agent. An advisory can be found in the Advisories section.
SyScan Singapore 2008 is nearly upon us. The current lineup looks like it includes some great speakers and topics. If you are going to be there, then be sure to say hello.
Advisory Day
May 16th 2008
Symantec released a patch that fixes a couple of security vulnerabilities we found. Check out the Advisories section for the details.
In other news... a baby boy has arrived for BDP, and a little storm is still brewing.
Kiwicon 2k8
May 1st 2008
The CFP is out for Kiwicon 2k8 in Wellington, New Zealand. Kiwicon will be held on the weekend of the 27th and 28th of September, 2008 and it is not to be missed. Check out http://www.kiwicon.org for more details.
We have finally got round to finishing Access Through Access, a whitepaper covering some technical details of MS Jet exploitation.
Radio And Bugs
April 2nd 2008
Patrick Gray caught up with Brett Moore recently to talk about the market for vulnerabilities, very relevant given the recent cash offers at CanSecWest. You can listen to the podcast here.
The team over at CMS Made Simple have released a security update that addresses an unauthenticated file upload issue we identified and reported to them.
And on the Symantec front, they are still working on some proper fixes.
The Brightstar conference that was held in Auckland, New Zealand, is over. We have posted our presentation, Increasing The Value Of Penetration Testing, to the publications section.
Just Another Day In The Life Of Responsible Disclosure Take 2
March 12th 2008
Without wanting to repeat myself:
"As some of you may be aware, Symantec released an advisory on the 10th March 2008 crediting Insomnia in a security patch release. The question has been asked "Where is the Insomnia advisory release?". Well, after we tested the patch we found it still lacking, and so are waiting for a corrected patch to be released before we make the information public."
This is a different issue to the one I mentioned before (06 Feb 2008).
One bonus is that it's giving me material for releasing Shatter Attacks against DEP-protected Win2k3.
Just Another Day In The Life Of Responsible Disclosure
February 27th 2008
As some of you may be aware, Symantec released an advisory on the 6th Feb 2008 crediting Insomnia in a security patch release. The question has been asked "Where is the Insomnia advisory release?". Well, after we tested the patch we found it still lacking, and so are waiting for a corrected patch to be released before we make the information public.
So it may not happen overnight... but it will happen.