Introduction During an audit we executed in 2019, we had to test a deployment where a third party company had to remotely connect to special purpose computers to perform maintenance. At the time, they had chosen a software called RemotePC to remotely login into these special purpose computers…

Introduction TL;DR Twilio Platform Preparing Custom Setup Traffic Interception and Analysis Information Gathering DTLS Demultiplexing Intercepting Traffic to chunderm.gll.twilio.com Signalling Traffic Intercepting DTLS-SRTP Terminating DTLS with SRTP Extension Putting It All Together Spoofing…

The Qsslcaudit tool developed by my colleague Pavel provides an easy way for testing a client SSL implementation. To make testing of multiple connections even more straightforward, I created a proxy wrapper for this tool. How it works The user configures qsslcauditproxy as a proxy server on the…

Preface In this post we demonstrate how to use our tool to assess client-side TLS implementation: qsslcaudit. qsslcaudit helps determine if a TLS client (mobile application, standalone application, web service) properly validates server's certificate and if only secure protocols are supported.…

Intro On the 14th of January 2020, Microsoft fixed CVE-2020-0601, a high severity vulnerability affecting "the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates". Corresponding advisories were issued by NSA and CERT on the same day. On the next day it…

This is a new release of our tool designed to assess TLS clients security (certificates validation, protocols and ciphers support): v0.8.1. The corresponding packages for various Ubuntu versions are prepared in ppa:gremwell/qsslcaudit. Packaging for Kali is handled by Kali maintainers. The single…

During a recent engagement, we tried to enumerate email accounts by abusing previously reported user enumeration issue affecting Office 365, but found out it no longer works. In the past, sending authentication requests to ActiveSync with Basic HTTP authentication mechanism would return different…

This is a new release of our tool designed to assess TLS clients security (certificates validation, protocols and ciphers support): v0.6.0. The single huge feature added: support of assessing DTLS clients. DTLS is an implementation of TLS protocols for UDP protocol. There are two versions…

The following post will cover some techniques to test Meteor applications with Burp Suite. This can also be applied to other protocols that run over WebSockets. To test this yourself, the example Meteor application “Todos” can be downloaded here. Test Fallback to XHR Meteor applications use…