Hi there, Today I am sharing with you my conference talk about “IoT Security and smart alarms” which was created in cooperation with my company NVISO and presented on the cidersecuritycon. In case you are interested in the other awesome talks, you can find them below: Part1: https://youtu.be/Nx2ZDLaJ1-0 Part2: https://youtu.be/pGqObX7HQPs Part3: TBD
Hands On: Dynamic and Static Reverse Engineering
In this article I will show some techniques used in dynamic and static analysis and demonstrate them using a simple console game.
NET100 – Perfect hit
This was a quite easy but fun challenge.It’s about extracting data from a pcap file with SIP communication captured. If we take a look at the .pcap we see some SIP communication which can be easily inspected via the setting “Telephonie” in Wireshark. With that, we can see that there are two calls and one…
WEB200 – The rocket clock
This challenge was a web challenge. A PHP code to inspect and to tell what’s the problem with it and then exploit the weakness in the servers running this application. At first, I tried to take a look at the input which is controlled by the user. This is where we can manipulate and send…
MSC100 – Base32
MSC100 – Base32 This one was harder for me. Made some bad mistakes at the beginning which really left me clueless. The description was that someone encrypted text with base32 but did something wrong. So I tried to decrypt it with some online decoders but they all went crazy because of characters which are not…
WEB100 – XXE Denial of Service
This challenge was the usual XXE attack called entity injection with the goal to crash the server. This reminded me of the old but good billion laughs attack. With this attack, your recursive include entities which include further entities to overload the RAM of the XML parser and crash the program.To execute the attack we…
CRY100 – Decrypt this text
This challenges is about decrypting the text inside a file. At first, it does not pretty good. Most characters are not printable or just jibberish.Sadly I can’t remember correctly what the description said (have to write it down next time) but I guess something about the text is XOR’d and the key has to be…
Penetration Test Report ISIS12
Dieser Penetration Test wurde durchgeführt von Patrick Eisenschmidt. Inhaltsverzeichnis Timeline Dokumentenversion 1. Einführung 2. Technische Umgebung und Randbedingungen 3. Kategorisierung der Schwachstellen 4. Findings 4.1. XSS (Cross Site Scripting) 4.2. Benutzung eines schwachen Algorithmus zur Berechnung von Kennwort-Hashes Timeline Zeit Beschreibung 08.01.2019 Bericht an den Ansprechpartner der Hochschule gesendet 09.01.2019 Bericht wurde an den Hersteller…
Untersuchung der Kommunikation der App UniNow
Die Kommunikation der App UniNow wurde von Patrick Eisenschmidt auf personenbezogenen / datenschutzrelevante Daten geprüft. Dein ganzes Studium immer dabei. Mit UniNow hast du alle wichtigen Informationen rund um dein Studium in nur einer App! Egal ob Noten, deine Mails oder deinen Stundenplan – du hast alles immer und überall dabei! Inhaltsverzeichnis Dokumentenversion 1. Einführung…
Structural approach of bypassing a subscription system
This guide is not for pirating a game or motivating to do something illegal. It’s purely educational and a representation of how I did a structured analysis of a program based on a real-life example. UPDATE #2 Unfortunately, they fixed nothing and just added obfuscation “to fix the issue”… It took me like 30 minutes to…