Rants
World Wide Walk About
October 13 2011
Glad to say that Adam is back from his trip around Europe where he presented at hack.lu. His slides can be found in the publications section.
James Burton will be giving a talk on Entomology - A Case Study of Rare and Interesting Bugs, at Kiwicon in November. His talk will cover some of the steps taken to progress from a security advisory through to a fully working exploit.
Also in November, Brett Moore will be giving a talk at Ruxcon in Australia. His talk titled Encyclopaedia Of Windows Privilege Escalation, will cover various methods that can be used to gain an escalated level of access on both patched and non patched windows systems.
Kiwicon V tickets are now on sale. The venue is bigger than last year, but don't leave it too late to get your ticket. And while you're at it, why not visit Ruxcon as well.
Talk The Talk
September 23 2011
First round of speaker selection has been announced for both Ruxcon and Kiwicon, and we are proud to have members of the team speaking at both of these great conferences.
James Burton will be giving a talk on Entomology - A Case Study of Rare and Interesting Bugs, at Kiwicon in November. His talk will cover some of the steps taken to progress from a security advisory through to a fully working exploit.
Also in November, Brett Moore will be giving a talk at Ruxcon in Australia. His talk titled Encyclopaedia Of Windows Privilege Escalation, will cover various methods that can be used to gain an escalated level of access on both patched and non patched windows systems.
Kiwicon V tickets are now on sale. The venue is bigger than last year, but don't leave it too late to get your ticket. And while you're at it, why not visit Ruxcon as well.
Advisory Release And Kiwicon V
September 06 2011
A short whitepaper from Brett Moore has been added to the publications section. This paper details a condition where PHPInfo() can assist in the exploitation of LFI vulnerabilities in PHP applications.
We recently published a security advisory for an issue in Pidgin that was reported by James Burton. This vulnerability could be used in targeted attacks to entice pidgin users into executing malicious binaries.
Full details on this issue can be found in the advisories section.
Kiwicon V tickets are now on sale. The venue is bigger than last year, but don't leave it too late to get your ticket. There is still time to submit a talk to either Ruxcon 2011 or , or for those that like to travel why not both.
OWASP Conference
July 18 2011
The OWASP NZ day conference was a great success, thanks to all those that participated in organising and attending. The talk by Brett on concurrency vulnerabilities can be found in the publications section.
There is still time to submit a talk to either Ruxcon 2011 or Kiwicon V, or for those that like to travel why not both.
Advisory Release
April 27 2011
We have just released two security advisories for vulnerabilities discovered and researched by James Burton. One is a remote buffer overflow in a SCADA service, and the other is an administrative authentication bypass in a systems management software.
Full details on these issues can be found in the advisories section.
On the conference front, Brett just got back from Infiltrate which he said was an awesome experience, and full credit to the Immunity team for putting on such a great event.
Closer to home the dates for the OWASP Day 2011 and Kiwicon V have been released, so be sure to mark these dates in your calender.
A New Year
January 24 2011
And so starts the new year. Why are the holidays so short?
We are very happy to announce that Adam Boileau (aka metlstorm) has finally joined the Insomnia team on a full time basis. Adam has worked closely with Insomnia over the last 3 years and it's about time he joined the team as a full timer!
You can find him ignoring twitter as @metlstorm, or check out some of his past projects on his personal site http://www.storm.net.nz/projects
We are still looking for someone to join the team in 2011. Preferably someone with experience and in the Auckland area, but as usual we are always interested in talented people so contact us if you have the right stuff.
The Aftermath
December 08 2010
Finally got around to putting up the updated Dep In Depth presentation from Ruxcon. This version includes a couple of new slides and extra content that was not in the Syscan version. It is in the presentations section.
Tokemon ][ seemed to run pretty smooth with a lot of people having a great night playing the game and drinking beers. Congratulations to the winners, which included a certain Australian who walked away with the top prize of an Apple iPad. Well done.
Insomnia Security is currently looking for someone to join the team in 2011. Preferably someone with experience and in the Auckland area, but as usual we are always interested in talented people so contact us if you have the right stuff.
Ruxcon and Kiwicon
October 11th 2010
Next month is a busy month for us with Ruxcon and Kiwicon both happening in November. The first round of speaker selection for Kiwicon has been announced, go check it out.
We have also announced that Tokemon is back for another round of crazy pub fuelled hacking. The game will be targetted at all levels, so even if you are just a beginner there will be something for you to enjoy. And for those that think you got what it takes, come and show us.
Insomnia Security is currently looking for someone to join the team in 2011. Tokemon ][ could just be that job interview that gets you that job.
Kiwicon IV
July 30th 2010
OWASP NZ held a great conference with some interesting talks. Hopefully next year we will have more local developers presenting. You can find our presentation in the publications section.
The Kiwicon team had released a cfp and announced that the conference will be the 27th-28th November 2010 in Wellington, New Zealand. This is the weekend after the Ruxcon conference in Australia, and together they make a great excuse to come down to this end of the world.
We have released an advisory for a locally developed CMS system, which James Burton found to be vulnerable to some classic SQL injection vulnerabilities. The details can be found in the advisories section.
More Cons
July 1st 2010
Back from Syscan 2010 in Singapore, and as always it was a fantastic conference. You can find our presentation in the publications section.
OWASP NZ is holding a day long conference on the 15th July. Brett Moore will be giving a presentation highlighting some of the common, and more unique, coding errors that he has seen over the past 24 months. It should be both informative, and amusing.
The conference is free, but you do need to register beforehand.
The Ruxcon crew has announced that they will be running again this year on the 20th and 21st November, and there is a rumour that Kiwicon will be back again. If the timing is right, maybe some of you might make the long trip and stay a while down this end of the world.
April Already
April 13th 2010
Well this year is flying past at a rapid rate.
The Ruxcon crew has announced that they will be running again this year on the 20th and 21st November, and there is a rumour that Kiwicon will be back again. If the timing is right, maybe some of you might make the long trip and stay a while down this end of the world.
We will be heading over to Syscan as well this year. Always a great conference with some cutting edge research presented in the previous years. If you are in that part of the world I highly recommend attending.
Another Patch
February 16th 2010
Microsoft has released the second and final patch for a vulnerability we reported. Details can be found in the advisories section.
New Year
January 29th 2010
Microsoft has released an out of band patch which includes a fix for an issue we disclosed. The security bulletin can be found here.
Hopefully this is just the start of a number of releases and changes we have planned for this year.
End of Year
December 8th 2009
Kiwicon ]|[ is over, and what a great conference it was. The windows exploitation training was well recieved with 12 people attending. Insomnia helped in the setup and running of Skidwarz, which was a small hacking game run at Kiwicon.
We were hoping to bring back Tokemon, but simply ran out of time to have it ready for Kiwicon 3. Plans are underway to have it up and running next year though. The runner up was Dean Jerkovich from Auckland, and the winner was James Burton from Dunedin.
In news for the new year, James will be joing the Insomnia Security team in a full time position in 2010.
Kiwicon ]|[ Is Here
November 24th 2009
Kiwicon ]|[ is this weekend, and it looks like a fine lineup of speakers. Great to see a lot of new speakers, and even some new faces. Insomnia Security are running our Windows Shellcode and Buffer overflow Exploitation 101 training course on the Friday beforehand. This year is a trial to see how well it works given the time and audience, but potentially next year it will be open for registrations.
If you think you may be interested, please let us know.
Kiwicon ]|[ CFP
August 11th 2009
The CFP for Kiwicon, New Zealands only hacker conference, has been released. It can be found on the Kiwicon website. The dates have been set for November 28th and 29th in Wellington.
If you've never been before I highly recommend it, if you have been before then its probably time that you submit that talk that you've been working on.
OWASP NZ Day
July 20th 2009
Back from Syscan. Finally decided to release the slides from the presentation in the publications section. I'm still going to work on a white paper to go with it, hopefully out in the next couple of months.
OWASP New Zealand held their first full day security conference in Auckland on the 13th July. It was a great success, and a big thanks to the organisers. More details can be found on the OWASP web site under https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2009.
OWASP NZ Day
May 25th 2009
Looking forward to a couple of upcoming events in July. Firstly I'll be heading over to Singapore to present at Syscan, which is one of my favourite conferences ever. Thomas always looks after his speakers and Singapore has a lot to offer.
Also coming up on the 13th July, is the first full day OWASP event in New Zealand. Check out https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2009 for further details and speakers when they are announced.
Citrix Hacking
April 17th 2009
The year is flying past to fast. Recent conference demonstration went well. Showed a step by step hack into a citrix environment that went from anonymous access through a privilege escalation bug in Altiris, to take over a domain administrator account and access the domain controller.
This time the demo went without a hitch.
Looking to release a whitepaper sometime in the next month or two which will cover hacking citrix. Some new tools will also be released which can be used for penetration testing or other security reviews of Citrix installations.
OWASP
March 2nd 2009
Back from the OWASP conference, which was a lot of fun. Great venue and some good talks. Looking forward to getting back to the gold coast for Auscert.
Another Year
January 12th 2009
Another year has rolled around, and summer is a scorcher for us at the moment. Hope everyone had a good break and is ready for whats to come. We have lots of stuff planned for this year, as long as we find the time to get things done.
Proud to annouce that Brett Moore has been selected to present at the OWASP Australia 2009 conference and the AUSCERT 2009 conference. If you are attending either of these, then be sure to say hello.
Christmas Patches
December 9th 2008
Microsoft have released a couple of patches for vulnerabilities we reported to them. Details can be found in the advisories section.
Ruxcon Recovery
December 2nd 2008
The Ruxcon team put together another awesome conference. Lots of good content and people to see there. Helped prove once again what a great security community there is in Australasia. Brett Moore gave his technical presentation about exploitation techniques that can be used when writing heap exploits for windows 2003. The presentation can be found in the publications section.
OWASP NZ Presentation
November 6th 2008
Brett Moore presented at the OWASP NZ meeeting providing an introduction to Common Application Flaws. The presentation can be found in the publications section.
The meeting went very well and it was good to see a lot of new faces. If you are a web application developer working in New Zealand then it is highly recommended that you attend the meetings, held both in Auckland and Wellington.
Finally A Patch
October 20th 2008
Symantec have finally released a patch for a shatter attack issue in the Deployment Server client. We see this throughout enterprises on a regular basis, and are unsure why corporates trust off the shelf products without requesting independent security reviews.
Anyway it was an interesting bug that initially allowed exploitation through a hidden button, and then again through a LoadLibrary call. It can be found in the Advisories section.
Post Kiwicon 2008
October 1st 2008
Kiwicon has come and gone, and once again proved itself to be a world class security conference. For you overseas people it is a great reason to come to New Zealand and then have a holiday in the snow or sun.
Tokemon was a great hit with the masses, and worked without a hitch. Thanks to all those that helped in the setup and running of the game; vex, sharrow, steve2, rzn, bls, nvd and any I can't recall
Prizes were dished out as;
- Most points for single person (aka most hackFU) - wolfie (He received the EEEPC prize pack)
- Most points / head (aka the most hacky team) - the hardc0re guys from christchurch
- Most points for a team (aka the team that hacked the most) - crew from security-assessment.com
Kiwicon 2008
September 10th 2008
We have published a vulnerability advisory detailing the OneNote URI Handling vulnerability that was patched in the September round of updates. It can be found in the Advisories section.
The Kiwicon 2k8 speaker lineup has been confirmed, and the con is quickly approaching.
For those attendees that want to try out their skills, Insomnia in conjunction with Kiwicon will be running a hacking game called Tokemon on the Saturday night. Check out the website for more details, build your team and come along to participate.
Hijacking Putty Connections
July 31st 2008
Finally got around to releasing a fairly stable version of PuttyHijack V1.0. This is something I've been working on for a while, mainly floating around as an idea since Metlstorm released his SSHJacking Tool . It's kind of a novelty tool but has been useful during live tests. Your mileage may vary!
Heap Exploitation
July 9th 2008
Just back from SyScan Singapore, which once again was filled with great speakers, guests, and one of the best hosts in the conference circuit. Our presentation detailing some heap exploitation techniques for Windows 2003 can be found in the Publications section.
We have published a vulnerability advisory detailing the heap overflow vulnerability in MS SQL Server 2005. It can be found in the Advisories section.
Time vs Time
June 18th 2008
Symantec released a patch for a shatter attack vulnerability in the Altiris Notification Agent. An advisory can be found in the Advisories section.
SyScan Singapore 2008 is nearly upon us. The current lineup looks like it includes some great speakers and topics. If you are going to be there, then be sure to say hello.
Advisory Day
May 16th 2008
Symantec released a patch that fixes a couple of security vulnerabilities we found. Check out the Advisories section for the details.
In other news.. A baby boy has arrived for BDP, and a little storm is still brewing.
Kiwicon 2k8
May 1st 2008
The CFP is out for Kiwicon 2k8 in Wellington, New Zealand. Kiwicon will be held on the weekend of the 27th and 28th of September, 2008 and it is not to be missed. Check out http://www.kiwicon.org for more details.
We have finally got round to finishing Access Through Access, a whitepaper covering some technical details of MS Jet exploitation.
Radio And Bugs
April 2nd 2008
Patrick Gray caught up with Brett Moore recently to talk about the market for vulnerabilities, very relevant given the recent cash offers at CanSecWest. You can listen to the podcast here
The team over at CMS Made Simple have released a security update that addresses an unauthenticated file upload issue we identified and reported to them.
And on the Symantec front, they are still working on some proper fixes.
The Brightstar conference that was held in Auckland, New Zealand, is over. We have posted our presentation, Increasing The Value Of Penetration Testing, to the publications section.
Just Another Day In The Life Of Responsible Disclosure Take 2
March 12th 2008
Without wanting to repeat myself
"As some of you may be aware, Symantec released an advisory on the 10th March 2008 crediting Insomnia in a security patch release. The question has been asked "Where is the Insomnia advisory release?". Well after we tested the patch we found it still lacking, and so are waiting for a corrected patch to be released before we make the information public.
This is a different issue to the one I mentioned before. 06 Feb 2008
One bonus is that its giving me material for releasing Shatter Attacks against DEP protected win2k3.
Just Another Day In The Life Of Responsible Disclosure
Feb 27th 2008
As some of you may be aware, Symantec released an advisory on the 6th Feb 2008 crediting Insomnia in a security patch release. The question has been asked "Where is the Insomnia advisory release?". Well after we tested the patch we found it still lacking, and so are waiting for a corrected patch to be released before we make the information public.
So it may not happen overnight... but it will happen.
