Submitted by alla on 22 December, 2011 - 14:19
I have created a forum for MagicTree. You can ask and answer questions, discuss features, post tips and tricks, or complain.
Submitted by abb on 10 November, 2011 - 20:40
Here is a little tool which help finding and dumping any serialized Java objects in a binary stream. It accepts just one parameter -- the name of the file to load the binary stream.
First run:
$ java -jar jsersearch.jar /tmp/payload.dat
Found objectStream at offset 55, dumping ...
Caught exception while dumping java.lang.ClassNotFoundException: XXXRequestBase
End of dump (from offset 55)
Offset 1756 exception java.io.EOFException
Submitted by abb on 29 October, 2011 - 22:01
Well, maybe the title is a bit ambitions, but at least the script below is is an improvement comparing to these two approaches: 1 and 2:
* It validates server-side certificate instead of ignoring them
* Logs out to invalidate the session cookie and wipes the temporary file used to store it
* Does not fetch whole bulk of RRD data
#!/bin/sh -e
user=***
password=***
host=***
cacert=$host-cacert.pem
Submitted by abb on 8 October, 2011 - 13:40
Here are some notes about my attempt to install Ubuntu 11 on Kingston SV100S2/256G SSD (on Dell Latitude E6510 laptop). Just in case somebody else finds it useful.
I have Googled around for information about SSD disk optimization for Linux and found that there are two main things to consider: partition alignment and filesystem options.
It appears to be important to (try to) align disk writes by the boundaries of SDD erase block size. This [1] article talks about LVM volumes alignment.
Submitted by alla on 30 September, 2011 - 11:37
We are happy to announce that MagicTree version 1.0 is released and available for download.
We would like to thank everybody who submitted bug reports, feature requests or just wrote to tell us that they love MagicTree. You helped a lot!
Version 1.0 includes a lot of bug fixes and a number of new features, such as:
* Support for Acunetix data import
* Support for W3AF data import
Submitted by abb on 29 September, 2011 - 14:34
Introduction
From time to time I come across a web service that expects its input in some proprietary format, usually JSON distorted in one way or another. A vulnerability scanner knows nothing about that stuff and can't properly fuzz it. (At the time of this writing Acunetix and Burp Pro support JSON only in HTTP responses.) In this case one has to resort to pure manual testing or partially automatic test with a fuzzer. Both approaches have their limitations, and I decided to finally find a way to run an automated scanner against proprietary web services.
Submitted by alla on 16 September, 2011 - 19:50
I've just uploaded MagicTree build 1559, which includes fixes for bugs we have found while working on the PenTest Magazine article.
We are working hard on the next release of MagicTree. We hope to have it out before the end of September.
Submitted by alla on 15 September, 2011 - 13:07
Update 2011/09/17: MagicTree build 1559 mentioned in the article is available for download.
PenTest Magazine has published our article Taming Vulnerability Data in its September extra issue along with a MagicTree review by Aby Rao.
Submitted by alla on 9 September, 2011 - 14:18
Submitted by abb on 8 September, 2011 - 17:44
Sometimes it is useful to run an intercepting proxy (running non-root user) on a privileged port. On debian-based systems it is possible using authbind facility.
The first step is to record the necessary port number in authbind config:
$ sudo touch /etc/authbind/byport/443
$ sudo chown abb:abb /etc/authbind/byport/443
$ sudo chmod 755 /etc/authbind/byport/443
After that, run Burp with authbind to let it use privileged port configured above:
Pages
