Our Blog

Dont look now, but it seems they broke the Interwebs again..

Reading time: ~1 min
Those pesky hackers! Alex Sotirov (of heap feng shui fame, famous for breaking everything from Vista, to web browsers, to...

We going to sue and make Squillions…..

Reading time: Less than a minute
or maybe not… The twitters informed me that Singe uncovered a case of brand plagiarism!!!1! -snip- -snip- So lets review.....

… Scrapy…

Reading time: Less than a minute
(an open source web crawling and screen scraping framework written in Python..) i promised deels i wld stay off the...

Ted Speaker List up and Free hackin9

Reading time: Less than a minute
(aka 2 completely unrelated topics) You can grab a free copy of the Hackin9 magazine [here] And you can view...

Penetration Testing in 2009 – Opposing Viewpoints

Reading time: ~4 min
The last few weeks have brought some fairly interesting predictions for 2009 to bear in CSO Magazine columns. Two recent...

More Conn News – PCI Johannesburg

Reading time: Less than a minute
I got contacted the other day (via LinkedIn actually, which is a 1st for me) about a PCI conference some...

ITWeb Security Summit 2009 – CFP Reminder

Reading time: Less than a minute
I wanted to remind folk that the CFP for the ITWeb Security Summit closes on 26 Jan 2009. You can...

Wikto 2.1 XMAS edition

Reading time: Less than a minute
The latest version of Wikto (2.1) is available for download here. New features include time anomaly reporting and easier access...

Microsoft BlueHat, Videos Posted

Reading time: Less than a minute
Microsoft has posted selected videos of the latest BlueHat talks [here]. It’s pretty cool that they are now releasing these...

Linux on iPhone..

Reading time: Less than a minute
While i normally find “Linux ported to run on your [nintendo/toaster/foo]” stories only academically interesting, i think the thought of...

South Africa’s own IT Security “pubcast”

Reading time: Less than a minute
Our good friend Anthony Olivier has launched his “IT Security Pubcast“. So far 2 episodes are online, with episode #2...

ITWeb Security Summit 2009 – CFP Now Open

Reading time: ~1 min
A couple of months back SensePost were asked by a prominent South African media company to assist in the selection...

Wired Article on DNSGate..

Reading time: Less than a minute
Wired magazine has covered the DNSGate saga with full dramatic details like: “never, ever repeat what you just told me...

HBN Bootcamp – Christmas Edition

Reading time: Less than a minute
As a Christmas special we have scheduled an additional training course, Hacking By Numbers – Extended Edition (Bootcamp) in Pretoria,...

“Unix Terrorist” in trouble over TJX ?

Reading time: Less than a minute
Anyone who was around for Defcon-10 will have an opinion on the infamous Gobbles-Silvio-UnixTerrorist talk in which mail spools were...

Preflighting Application Error (0xE800000*) on iPhones

Reading time: Less than a minute
For those writing apps for the iPhone, you have a good chance of bumping into the highly annoying preflighting application...

HITB08 Slides available..

Reading time: Less than a minute
Slides from the latest Hack in the Box conference [are available] [SensePost slides are listed as owing / not there...

You know you are getting old..

Reading time: ~1 min
When you blog a link to poetry: [The man watching] is a poem by Rainer Maria Rilke, that i picked...

Windows servers are now a (beta) option on Amazon Ec2

Reading time: Less than a minute
EC2 is now out of beta, and supports windows based ANI’s. [Big Day for EC2] EC2 blows my mind, and...

OWASP NYC Talks Posted..

Reading time: Less than a minute
The full videos from the OWASP NYC Conf have been posted. At least one BlackHat re-run, but some look well...

BiDiBLAH 2.0 BETA

Reading time: Less than a minute
Good news to all the blah’ers out there! The BETA version of BiDiBLAH 2 is available for download here. As...

Vulnerability management and the Blogs

Reading time: ~1 min
Gegroet just a quick note on VM. Google is now offering Google Blog Search Beta and I thought it interesting...

Sarah Palin, a yahoo email account, and something more shocking…

Reading time: Less than a minute
By now everyone knows that John McCain’s running mate Sarah Palin had her yahoo email account hacked. I guess a...

A truly sweet hack!

Reading time: Less than a minute
[Solve mazes with Photoshop (or gimp)] i must confess that while i understand the logic of flood-fill doing a depth...

Lets hope it does better than netsec.reddit..

Reading time: Less than a minute
Introducing [http://www.reddit.com/r/ReverseEngineering/] (like its name suggests, a reddit thats all about Code RE..)

HBN Extended Edition 6-10 October

Reading time: ~1 min
We have scheduled our first training course for our new year, Hacking By Numbers – “Extended” Edition – for October...

Enter Google Chrome…

Reading time: ~1 min
Google have thrown their hat in the browser-ring, which many have predicted. [Chrome] should be coming soon to downloads near...

Education and Things u know u dont know…

Reading time: Less than a minute
A completely non-security related (but totally geek) blog that always makes me smile is [http://indexed.blogspot.com/]. We had just started the...

Adobe APSB08-15 Patch Reversing

Reading time: ~1 min
APSB08-15 is the latest Adobe security advisory regarding a memory corruption vulnerability in Acrobat Reader versions <8.1.2. As expected, the advisory...

BlackHat/DefCon 2008 – Tool Release(s)

Reading time: ~1 min
Hey guys.. Our BlackHat/Defcon talk this year featured a few tools that we promised to release.. The first tool, or...

pwnies video posted online..

Reading time: Less than a minute
The video of the much publicized pwnie awards has been posted to the interwebs [gvideo link] Locals (SensePosters) can grab...

BlackHat / DefCon 2008….

Reading time: Less than a minute
Hey guys.. Most of our BlackHat/Defcon team has arrived back home in one piece.. I landed with a fever and...

Crowbar 0.941

Reading time: Less than a minute
Quick update on your favourite brute forcer… The file input “MS EOF char” issue has been resolved, and provision has...

these tubes are quick

Reading time: Less than a minute
Kaminsky’s thunder has all but evaporated into a fine mist, and Ptacek has gone all silent. In the meantime, the...

SQL Server 2005 – Where the $%#@ is that stored proc ?

Reading time: Less than a minute
While doing some prodding on SQL Server, i came across this newness (of course this is probably old hat to...

Forget Dan’s DNS, the Armageddon Comes from Intel’s CPUs

Reading time: Less than a minute
Kaspersky will show how processor bugs can be exploited using certain instruction sequences and a knowledge of how Java compilers...

What? no comment on the DNS thing ??

Reading time: ~1 min
Mostly we have stayed silent, because too many people have commented too much already.. It was interesting however how Ptacek...

funky javascript

Reading time: Less than a minute
found this online last night. try in FF or IE7: javascript:document.body.contentEditable='true'; document.designMode='on'; void 0 then edit the page in-place, screenshot,...

Forget the python vs ruby discussions..

Reading time: Less than a minute
Cause this puts Perl right back in the game! -snip- > sudo perl -MCPAN -e shell cpan> install Acme::LOLCAT install ...

Very decent Security Podcast..

Reading time: Less than a minute
I am probably one of the last ppl around to discover this, but ill post it here for the (probably)...

rethinking ye old truths

Reading time: ~1 min
since forever, i’ve been told (and told others) that the greatest threat is from the inside. turns out, not so...

Carpet Bombing and eating Crow…

Reading time: ~1 min
The recent Safari Carpet Bombing bug reported by Nitesh Dhanjani and ignored by Apple had all the makings of an...

This has nothing to do with anything technical..

Reading time: ~1 min
but since it made me eat crow, i figured i would share it.. Although i read a fair bit, i...

DefCon 16 – Hmm.. 2 of these talks seem familiar…

Reading time: Less than a minute
Some of the DC16 speaker summaries have been posted, and these 2 caught my eye: Time-Based Blind SQL Injection using...

ActiveX Repurposing.. (aka: Other bugs your static analyzer will never find..) (aka 0day^H^H 485day bug!)

Reading time: ~5 min
Earlier this week we had an internal presentation on Attacking ActiveX Controls. The main reason we had it is because...

If you run Debian (or a Debian Derivative, like Ubuntu)…

Reading time: Less than a minute
Then you probably should get on this one… [Problems with Random Number Generator] While it looks like an arb openssl...

Should I stay or should I Gobi? Your support needed!

Reading time: ~2 min
Hello All, Some of you might remember that I climbed Mount Kilimanjaro two years ago. What you might not know...

Phrack is dead.. long live Phrack ??

Reading time: Less than a minute
Uninformed has certainly done awesomely at filling in the gap left when phrack went silent, but there is something nostalgic...

Its my SensePostaversary!

Reading time: Less than a minute
Whoa! time flies when you having fun… (click for orig.)

2 Winning quotes..

Reading time: ~1 min
from the SourceBoston videos i blogged about: Dr Geer never disappoints, and kicked it off with the 4 rules on...

2 reasons to visit sourceboston.com (and 2 reasons to rejoice!)

Reading time: Less than a minute
SourceBoston completed its first conference earlier this month, and some of the slide decks and videos are up.. While the...

Write a paper? or nip down for a pint?

Reading time: Less than a minute
Apparently the two _are_ mutually exclusive.. [according to the NY Times…] -snip- According to the study, published in February in...

Veni, Vidi, Damni

Reading time: ~1 min
At last year's BlackHat USA a bunch of us played some American geeks a game of late night parking lot...

Everything i needed to know about managing hackers, i learnt from my DVD collection..

Reading time: ~9 min
Ok.. so the title clearly isnt true.. but it made more sense than saying something about the altered geographic location...

RE: Sensepost at Cebit 2008

Reading time: Less than a minute
“SensePost have once again been invited to join the South African Department of Trade and Industry at Cebit, as one...

The Peltier Effect – Year in Review..

Reading time: Less than a minute
Peltier and Associates have released their massive “Peltier Effect – Year in Review 2007“. The collection comes in at a...

DNS Tunnels (RE-REDUX)

Reading time: ~3 min
On a recent assessment we came across the following scenario: 1) We have command execution through a web command interpreter...

SNMP Joins Dark Side in New XSS Attack

Reading time: Less than a minute
-sigh- the topic is stolen directly from the [DarkReading Article] -snip- It’s yet another new spin on a pervasive attack...

Prof Felten (and friends) attack bitlocker/filevault (and friends)

Reading time: Less than a minute
So felten et al basically figured that cooling dram chips allows an attacker to move them to another machine where...

Sorting your shoes like a whore!

Reading time: ~1 min
(my first X-Rated blog post.. i should hook up ad-words and watch the money roll in!) Ok.. our Zimbabwean recruit...

HTTP-Mangler QoW…

Reading time: Less than a minute
Many people took a crack at “what tool will work to replace mangler, out of the box” and so we...

Locating other sites on a virtually hosted box..

Reading time: Less than a minute
So everyone uses the live search engine with a ip: when trying to locate virtual hosts. I used domaintools in...

WebScarab-NG HTTP Mangler Functionality

Reading time: Less than a minute
H said that there is a tool that will do the HTTP Mangler functionality out of the box. So here...

Horses and DNS BruteForcing..

Reading time: ~1 min
Old timers here will know about the concept of bruteforcing DNS using the clues available.. i.e. zone transfers disabled, but...

Open source (and lightning fast) Safari ?

Reading time: ~1 min
While im into posting mac-links.. Check out [Webkit] A little while back i mentioned not understanding why anyone would run...

Tooble for the win.. piracy++ ??

Reading time: Less than a minute
For those of you who have not yet tried it, check out Tooble. Its a point and click tool that...

HBN Bootcamp @ Black Hat

Reading time: ~1 min
Black Hat DC this year is supposed to be “a different kind of Black Hat”. There are four tracks over...

John Heasman is now Blogging..

Reading time: Less than a minute
John is one of the bright guys over at NGS, and judging by his track record will boost the signal...

On working when everyone else is asleep…

Reading time: Less than a minute
This quote reminded me of something H always says: “When opportunity comes… its too late to prepare” – John Wooden –...

Eerie coincidences..

Reading time: Less than a minute
a) its my birthday in a few days b) Apple just announced the new macbookair.. Coincidence??? i think not!!!

Is URL / Variable Name the new Port Number ??

Reading time: ~1 min
There has been a fair bit of blog buzz about the new SQL Injection worm that ran around infecting sites....

Strange Entries in your webserver logs, Wikto and questions about our Gender!

Reading time: ~2 min
Over the past while we have been getting emails from people trying to figure out why they had entries like...

Wikto 2 Bugfix

Reading time: Less than a minute
A seasonal Wikto version was released on the 22nd (Version 2.0.2911-20215) which has an issue with the web spider functionality....

Two pointless excuses to post two pictures..

Reading time: ~1 min
a) At the end of the year we usually end up getting geek-gifts.. from SensePost, to SensePost.. Last years iPod...

Applescript for HTTP BruteForcing..

Reading time: ~2 min
A long time ago i blogged on the joys of using VBS to automate bruteforcing [1|2] when one didnt want to...