alla's blog

Burp is Going to Support PKCS#11

Great news - PortSwigger is working on PKCS#11 support (SSL client certificates stored on hardware tokens, such as smart cards) for Burp. I got to try the test build - it works perfectly with Belgian eID on Linux.

I am really happy about it - no more awkward chaining of proxies and SSL tunnels to get the job done.

MagicTree 1.3 - important bug fixes and support for IBM Rational AppScan

We have released MagicTree 1.3. It fixes several nasty bugs that may lead to data corruption. We recommend that everybody who uses MagicTree upgrade. New features include support for AppScan XML and better handling of Imperva Scuba XML.

We are hiring again!

Once again, we are looking for a penetration tester. See this post for a description of the skills we are interested in. Prior penetration testing experience is a plus, but not a must, provided that you have the necessary knowledge, both practical and theoretical. The job is in Brussels, Belgium. Working remotely may be possible for some projects, but most of the time you'll have to be on site.

Contact us at info@gremwell.com if you are interested.

Testing Riddler CAPTCHA

We have recently been swamped by spam forum posts and comments. Some seem to be submitted by bots while others appear to be from humans. Until now we've been using the Image CAPTCHA module, which doesn't seem to help much. We have now installed and configured Riddler. Let's see if it helps.

If you are trying to submit a post or comment and can't get through Riddler, please send us an email.

MagicTree 1.2 Is Out

MagicTree 1.2 is available for download. New features in this release:

  1. Metasploit XML import (issue #228)
  2. Support "critical" severity from Nessus 5 (issue #254)
  3. XSLT export. MagicTree data can now be exported as arbitrary XML. An XSLT for nmap-format export is provided. Use case: merge multiple nmap files, then export as one file to use in Nessus scan (issue #77)
  4. Importing exploitability data from Nessus
  5. Added "Save file as..." button to XML file view

Burp plugin for scanning GWT and JSON HTTP requests

Update: Burp Suite Pro 1.4.10 supports JSON scanning out of the box, see http://releases.portswigger.net/2012/06/v1410.html

A while ago Alex came up with a solution to get Burp to scan JSON formatted requests. It required a rather involved setup with two Burp listeners and an Apache server acting as a proxy packing and unpacking JSON data for Burp's consumption.

Does your test system support SSLv2?

Since July 2010 Ubuntu has disabled support for SSLv2 in the OpenSSL library. If you are testing remote hosts for SSLv2 using a client that does not support it, you are getting false negatives.

Here is how you can check if your system supports SSLv2:

alla@notsoshiny:~$ socat OPENSSL-LISTEN:1080,method=SSLv2,cert=cert.pem,verify=0 READLINE

cert.pem has to be a valid certificate file that includes a private key. Generate one with OpenSSL if you don't have it.

We Are Hiring

We are looking for a penetration tester. Most of the work is in or around Brussels. Some of the work will have to be done remotely. Employee or subcontractor.

You'll get a lot of opportunities to hack stuff. Actually, you'll be trying to break stuff most of your working time. Except when you are writing reports. Or trying to make stuff work, before you can start breaking it. Most of the work is web application tests, but there is other stuff as well, from hardware hacking to custom client-server applications.

MagicTree 1.1 Released

MagicTree 1.1 is released and available for download. This release includes:

  1. Rapid 7 NeXpose XML import (both simple XML and full XML formats are supported)
  2. Arachni XML import (as of 0.4.0.2. Thanks to Herman Stevens of Astyran for contribution)
  3. OWASP Zed Attack Proxy XML import (development snapshot as of 6-Feb-2012)
  4. New matrix query interface
  5. Bug fix (#224) Remove orphan projects does not work anymore
  6. Bug fix (#226) NPE in dumpData()

Installing Arachni from Source on Ubuntu 11.04 (Natty)

Herman Stevens has developed an XSLT for importing Arachni data into MagicTree.

To test his XSLT I went to install the latest development version of Arachni on my Ubuntu 11.04 (natty). Having fought with it for a while and finally managing to install it, I thought that the description of the process might help somebody else. So here it goes.

First I downloaded the sources:
