Secure Development – Security in every pipeline


Nowadays we use the term “safe coding” or even “safe design”; these terms are becoming more and more common among the creators of Secure development and Application Security. However, for this to be completely true in our development processes we need to truly understand this term’s concept, and how Application Security is connected to them. An […]


Playing with Sandbox: An analysis of Capsicum

Introduction. In this post we talk a little about sandboxes. People who work on and study software exploitation know the sandbox concept. This kind of feature, when properly implemented on a system, makes it hard to exploit some kinds of vulnerabilities, especially those involving memory corruption. In Wikipedia we have a good reference about this: […]


HP Operations Manager Perfd Environment Scanner

During an intrusion test conducted recently, I found a daemon called perfd which is listening on port 5227. According to IANA[1], the daemon is the “HP System Performance Metric Service”[2]. After a quick analysis, I discovered that the daemon responds with vital data and we can view information such as CPU, disks, processes etc. Commands: “u” […]


RIPS Scanner v-0.54 – Local File Include (LFI)

Hi there. For those using the RIPS scanner [1] to help with the analysis of vulnerabilities in PHP code, pay attention not to leave it running on your network or available to the internet, where anyone can access it. In a very brief static code analysis of RIPS we found two “Local File Include” (LFI) vulnerabilities as […]


Worst and best practices for secure password storage

A password is meant to secure an asset against unauthorized access from an attacker. In order to prevent someone from gaining access, the password must be hard to guess, and that means that it must be strong enough to avoid guessing-based attacks (like dictionaries and brute-force). Some heuristics to prevent a weak password are a […]


From Deploy WAR (Tomcat) to Shell (FreeBSD)

The goal of this post is to demonstrate how the insecure deployment of network services can make it easier to compromise your company's entire infrastructure. In this case the demonstration uses the default installation of Apache Tomcat [1], on a server running the FreeBSD operating system [2], with no configuration adjustments or post-installation hardening. […]


Github Hacking for fun and… sensitive data search!

The Conviso Research and Development Team usually reads thousands and thousands of pieces of information daily, and we apply some filters and pay attention to some special words. We saw a very interesting post at Full Disclosure about advanced GitHub Search. Right after reading what we shared in our internal list, this information and a little bit of […]


Exploiting Unsafe Reflection in Ruby/Rails Applications

There is a class of vulnerabilities known as Unsafe Reflection [1] that has not been much discussed in the Ruby/Rails circle, despite being somewhat related to the recent deserialization vulnerabilities found in Rails. Unsafe Reflection vulnerabilities via constant creation occur in Ruby normally when the Module#const_get method is called with user-controlled data. The Rails framework […]


Ruby on Rails SQL Injection (CVE-2012-2695)

We found a SQL Injection vulnerability in Ruby on Rails that affected all versions and reported it to the Rails security team. On the 12th of June, they released an advisory [1], patches and new versions that fix it. This vulnerability was also independently reported by other researchers. These new patches actually fixed two variants […]
