Overview of MAC Algorithms, TLS Protocol and CHACHA20-POLY1305 Algorithms In the upcoming posts I’m going to give an introduction on Openssl CVE-2016-7054 vulnerability and the terminology about this topic. In part 2 we will discuss available tools and techniques and how to actually produce an exploit for this vulnerability, in the 3rd part we will try to enumerate installed Openssl version on our systems and see how we can update software packages that use Openssl like Apache, Nginx and Python. Intro Couple of days ago Fortinet published a blog post titled “Analysis of OpenSSL ChaCha20-Poly1305 Heap Buffer Overflow (CVE-2016-7054)“. A...
Continue reading...Code
Tools for testing HTTPoxy Vulnerability
I’ve developed a script that you can run on your server and test for CGI HTTPoxy vulnerability. It’s available on my github in a repository named HTTPoxy-Test-Tools. I’ve currently developed the script for apache web servers but I’ll be adding support for other webservers gradually. Edit: Added IIS HTTPoxy Testing Tool: https://github.com/silverfoxy/HTTPoxy-Test-Tools/tree/master/iis_httpoxy HTTPoxy Test Tools This tool finds your webserver’s CGI directory, adds a temporary file that returns the HTTP_PROXY environment variable. It then sends a GET request to this CGI file and sets the “proxy” header for the underlying request. If the environment variable is affected, then you’re vulnerable....
Continue reading...Website Deface Detection Script
You’re going to get hacked on the weekend? Panic mode activated. Today I’m going to show you how easy it is to get a “bot” up and running that watches your website and alerts you if you get hacked (defaced). This bot is going to kindly notify you over telegram. [Skip to the technical part] The Story (What was the problem I was trying to solve?) I suppose all admins and techies have had this nightmare at least once in their career where there’s an exploit raging in the wild and services and websites of companies in the same business...
Continue reading...