PDF URIs

I was handed an interesting PDF document. It doesn't contain malicious code, yet it generates network traffic. Let me explain how this is achieved. Creating a PDF that makes an HTTP(S) connection to a website is easy. There's no need to use an exploit, not even JavaScript. You just have to use a URI object: [...]

Cyber Security Challenge Belgium 2015 – Solving the NVISO Lottery challenge

This is the fourth and final blog post in the Cyber Security Challenge Belgium 2015 (CSCBE) solutions series. This time, we're taking a look at one of the more programming-oriented challenges: The NVISO Lottery. The NVISO Lottery The students were given the following info: "Come and throw away your money at the NViso Lottery!" [...]

Cyber Security Challenge Belgium 2015 – Solving the One Way challenge

This is the third blog post in the Cyber Security Challenge Belgium 2015 (CSCBE) solutions series. This time, we're taking on a very technical challenge: One Way. Data Extraction The challenge The following challenge description was given to the students: "We want our employees to be able to send us confidential information which only we [...]

Cyber Security Challenge Belgium 2015 – Solving the Data Extraction challenge

This is the second blog post in the Cyber Security Challenge Belgium 2015 (CSCBE) solutions series. This time, we're taking a look at the Data Extraction challenge. Data Extraction The challenge The following challenge description was given to the students: "We messed up and contacted the wrong forensic department. They say they found data, but [...]

Cyber Security Challenge Belgium 2015 – Solving the SFTP challenge

Two weeks ago, we proudly organised the Cyber Security Challenge Belgium 2015 (CSCBE). The CSCBE was a typical Capture-The-Flag (CTF) competition aimed at students from universities and colleges all over Belgium. During the competition, teams of three or four students had to tackle different technical challenges in order to prove their skills. In the following [...]

Open sourcing bootloader unpacker and imgdata tools for Nexus 4, 5 and 7

NVISO is proud to open source, in collaboration with Christophe Beauval, a tool suite to unpack the Nexus 4, 5 and 7 factory bootloader.img, as well as code to work with Nexus 5's imgdata.img and scripts to dump what's in the flash of the Nexus 5 and write back to it. We are not aware [...]

The GHOST vulnerability

A serious problem in the Linux glibc library went unnoticed for almost 15 years. A simple coding mistake introduced into the code in November 2000 leaves servers, including e-mail servers, vulnerable to remote code execution. A buffer overflow in the GNU C Library function __nss_hostname_digits_dots(), which is called by the well-used gethostbyname*() functions, makes [...]