Recently, a security researcher uncovered a critical vulnerability in the 2.6.22 versions (released in 2007) of the Linux platform and the Android platform. In short, this vulnerability allows attackers to gain root access to servers and take control of the whole system. This week the security researcher made the issue public. The vulnerability, discovered in the Linux kernel, has been present for nine years. […]
Recently, I found an interesting Remote Code Execution issue for the AT&T bug bounty program. But before going into this, let’s understand Arbitrary Code Execution. Arbitrary Code Execution, also known as command injection, is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands […]
Now the next step: accessing application internal storage. Accessing Internal Storage of Application Using Reg Editor Application: Windows does not allow access to the internal storage of its applications even with “mass storage” mode enabled. To get access to internal storage we need to perform “Interop Unlock”. For Interop Unlock there are various procedures mentioned […]
We need access to the internal storage of the device to proceed with security testing; however, Windows devices don’t allow users access to their internal storage. Naturally, for accessing internal storage we need an unlocked Windows device. In this article, we will learn to unlock the bootloader of a Windows Nokia Lumia device, followed by gaining root access to internal storage. Unlocking Windows Mobile […]
We are happy to announce Security Review guidelines for MongoDB. CIS guidelines are not available for MongoDB and we thought this might be helpful for you. Content has been referenced from the original MongoDB website. I have created a sample command which will help you to extract the exact details required for performing a security review. […]
Below are the steps to fix the banner (version information) in IIS 8.0/8.5. Step 1: Install the latest version of Microsoft Web Platform Installer (https://www.microsoft.com/web/downloads/platform.aspx/). Step 2: Install URL Rewrite 2.0 using Web Platform Installer on the server.
This article presents the key risks with DirectAccess and how to audit them. Let’s begin by first understanding the DirectAccess technology. Introduction of DirectAccess: From the Wikipedia definition, DirectAccess, also known as Unified Remote Access, is a VPN-like technology that provides intranet connectivity to client computers when they are connected to the Internet. DirectAccess overcomes […]
Hi all, it’s been a long time since I have written any security post, but I have come up with a security issue in HP ALM Product 11. While testing the latest version of HP ALM Product, I found that the password encryption used by the web application was weak. I was able to break the password encryption logic. What is […]
Hello everyone, recently a web researcher uncovered an extremely critical vulnerability in recent versions of OpenSSL. In short, this vulnerability allows anyone on the Internet to read the memory of the systems protected by the OpenSSL software. The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under […]
Recently, I found an interesting issue qualifying on Yahoo! Pipes. But before going into the details of this specific issue, let’s understand some basic points. What does Authorization mean? In general, authorization relates to the set of activities which a user can perform once logged on to a particular system. This is typically divided into […]