My writeup posted up on the CyberCX Blog https://blog.cybercx.co.nz/bypassing-bios-password
The TLDR Proof of Concept (PoC)
_blank Burp Plugin
This is a follow up post to the _blank Links write up I did recently.
Burp Suite is a tool I use daily for pentesting, one of it’s important functions is the ability to extend the tool itself with plugins. Given my history of writing tons of Java (ಠ_ಠ) I figured I should take a look at extending the tool I use everyday.
You can technically write Burp Suite plugins in Python or Ruby.
[Read More]
_blank Links
I’ve had this post half written up for some time, and recently set aside some time to actually get it written.
Quite often during pentesting I have come across a web application that has functionality that allows users to set links in their profile, LinkedIn or Twitter for example. Sometimes these links are fully controllable, you can point them at any URL. If the link is controllable and the link has a target attribute of _blank, then an attack (dubbed “tab-nabbing”) can be performed.
[Read More]
Ask Me Anything - NZ Cyber Security Challenge 2020
Password Hashing Work Factor Recommendations in 2019
So you’ve decided to store hashed versions of your application user’s passwords, great start! You’ve done a bit of reading and decided you want to use a specialised password hashing algorithm. You implement it with the default security configuration in your favourite cryptography library, and you’re all set right?
Many developers don’t take the final step to investigate the default configuration when implementing specialised password based hashing algorithms. However, the default configuration often does not provide the level of security required for current implementation.
[Read More]
First post!
Obligatory Hello World post!