Decoding BigIP Cookie
The BigIP cookie contains internal network IP and port information in an encoded format. When decoded, these cookies can help build an internal network map of likely web server IPs and their ports. F5 has described the encoding algorithm here. It works like this: If the IP address is a.b.c.d, it is encoded ... Read More
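As an added example (not code from the original post), the decoder below assumes the IPv4 encoding F5 documents for its persistence cookie: the value has the form `<ip>.<port>.0000`, where the IP is the four octets read as a little-endian 32-bit integer printed in decimal, and the port is the 16-bit port with its bytes swapped, also in decimal. The cookie name `BIGipServerweb_pool` and the sample value are constructed for illustration.

```ruby
# Decode and encode F5 BIG-IP persistence cookie values (IPv4 pool members).
# Assumed encoding: "<ip as little-endian decimal>.<port as byte-swapped decimal>.0000"

def decode_bigip_cookie(value)
  m = value.match(/\A(\d+)\.(\d+)\.(\d+)\z/)
  raise ArgumentError, "unexpected cookie format: #{value.inspect}" unless m
  ip_int, port_int = m[1].to_i, m[2].to_i
  raise ArgumentError, "IP field out of range" unless ip_int.between?(0, 0xFFFFFFFF)
  raise ArgumentError, "port field out of range" unless port_int.between?(0, 0xFFFF)

  # 'V' = 32-bit little-endian: octet a of a.b.c.d is the low byte of the integer
  ip = [ip_int].pack('V').unpack('C4').join('.')
  # 'v' = 16-bit little-endian; reading it back big-endian ('n') undoes the byte swap
  port = [port_int].pack('v').unpack1('n')
  { ip: ip, port: port }
end

def encode_bigip_cookie(ip, port)
  octets = ip.split('.').map(&:to_i)
  unless octets.size == 4 && octets.all? { |o| o.between?(0, 255) }
    raise ArgumentError, "not an IPv4 address: #{ip}"
  end
  ip_int = octets.pack('C4').unpack1('V')
  port_int = [port].pack('n').unpack1('v')
  "#{ip_int}.#{port_int}.0000"
end

# Pull the pool name (cookie name suffix) and the decoded backend out of a Set-Cookie line.
# Returns nil when the line carries no BIGipServer cookie.
def parse_bigip_set_cookie(header)
  m = header.match(/BIGipServer([^=;\s]*)=(\d+\.\d+\.\d+)/)
  return nil unless m
  decode_bigip_cookie(m[2]).merge(pool: m[1])
end

if __FILE__ == $0
  sample = "Set-Cookie: BIGipServerweb_pool=1677787402.36895.0000; path=/"  # constructed
  p parse_bigip_set_cookie(sample)  # => {:ip=>"10.1.1.100", :port=>8080, :pool=>"web_pool"}
end
```

The range checks matter when feeding harvested cookies in bulk: a value that parses as three integers but overflows 32 or 16 bits is not a BIG-IP cookie in this encoding, and silently wrapping it would put a bogus host on the network map.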
Evading Content Security Policy With CRLF Injection
Content Security Policy (CSP) was developed with the aim of reducing content injection attacks such as Cross Site Scripting. CSP allows developers to specify the permitted content sources for their web applications and relies on HTTP response headers to enforce those restrictions. When CSP is implemented by the web application and ... Read More
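Because CSP lives in a response header, anything that lets an attacker control the header block can keep the policy from reaching the browser. As an added illustration (not the original post's code, whose details are cut off above), the example below constructs a redirect endpoint that copies a user-supplied value into `Location` without filtering; a payload containing two CRLFs ends the header block early, so the `Content-Security-Policy` header emitted after it lands in the body where the browser ignores it. The endpoint, header order and payload are assumptions made for the demonstration.

```ruby
# CRLF injection pushing a Content-Security-Policy header out of the header block.
# Vulnerable builder, hardened builder, and a minimal parse of what a client sees.

CSP_HEADER = "Content-Security-Policy: default-src 'self'"

# Vulnerable: user-controlled value copied into the Location header unchanged.
def build_redirect_vulnerable(target)
  [
    "HTTP/1.1 302 Found",
    "Location: #{target}",
    CSP_HEADER,                 # emitted after the tainted header
    "",                         # blank line terminates the header block
    "<html>redirecting</html>"
  ].join("\r\n")
end

# Hardened: a bare CR or LF has no business in a header value; reject rather than "clean".
def build_redirect_hardened(target)
  raise ArgumentError, "CR/LF in header value" if target.match?(/[\r\n]/)
  build_redirect_vulnerable(target)
end

# Header names a client would parse: everything before the first empty line, minus the status line.
def response_header_names(raw)
  head, _body = raw.split("\r\n\r\n", 2)
  head.lines("\r\n", chomp: true).drop(1).map { |l| l.split(":", 2).first }
end

def csp_delivered?(raw)
  response_header_names(raw).include?("Content-Security-Policy")
end

if __FILE__ == $0
  benign  = "/home"
  payload = "/home\r\n\r\n"   # constructed: two CRLFs close the header block early
  puts csp_delivered?(build_redirect_vulnerable(benign))   # true
  puts csp_delivered?(build_redirect_vulnerable(payload))  # false: CSP is now in the body
end
```

Rejecting the request outright is the right fix here; stripping CR/LF and carrying on leaves the door open to encodings the filter did not anticipate, and most web frameworks already raise on header values containing control characters for this reason.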
CAPTCHA Hax With TesserCap
This blog post was voted 8th best in the Top 10 Web Hacking Techniques of 2011 poll. With the goal of creating a tool that can help security professionals and developers test their CAPTCHA schemes, I conducted research on over 200 high-traffic websites and several CAPTCHA service providers ... Read More
Intercepting Blackberry Application Traffic
Intercepting mobile traffic is one of the key areas of mobile application penetration testing, and BlackBerry mobile applications are no different. In this post, we will look at methods of intercepting BlackBerry application traffic. It is important to note that the standalone BlackBerry simulator does not offer any mechanism to route ... Read More
Breaking A Weak CAPTCHA implementation
A while back I came across a web application that implemented a CAPTCHA to prevent automated form entries. The CAPTCHA was weak and could be easily solved. Below I summarize the steps followed and provide sample Ruby scripts that were used to perform automated form submissions. The page names, form fields ... Read More
Rootkit.com Password Analysis
rootkit.com succumbed to a social engineering attack, and more than 42,000 of its users' passwords were made available on the internet in the clear (here). John the Ripper was used to recover the passwords. Out of curiosity, I analyzed certain aspects of the passwords. The results of that analysis are shared below: Password Lengths: ... Read More
Ruby and OpenSSL Based SSL Cipher Enumeration
In this post, we will write a bare-bones Ruby-based SSL cipher enumerator to enumerate the SSL cipher suites supported by a web server. Without further delay, let's get started. Basics: The first step of every SSL communication is the SSL handshake. During the handshake, both client and server settle on a common cipher ... Read More
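The enumeration approach the excerpt leads into is to offer the server exactly one cipher suite per handshake and record which handshakes succeed. As an added example (not the original post's script), the Ruby below does that with the standard `openssl` and `socket` libraries. It assumes the caller supplies host and port, restricts itself to the cipher names OpenSSL's `SSL_CTX_set_cipher_list` understands (TLS 1.3 suites are configured through a separate API and are not probed here), and lets the probe function be swapped out so the selection logic can be exercised without a network.

```ruby
require 'openssl'
require 'socket'
require 'timeout'

# Every cipher suite name the local OpenSSL build can offer.
# SSLContext#ciphers returns [name, version, bits, alg_bits] entries; we keep the names.
def local_cipher_names
  OpenSSL::SSL::SSLContext.new.ciphers.map(&:first).uniq
end

# One handshake restricted to a single cipher. True only if the server completed the
# handshake AND the negotiated suite is the one we offered (a TLS 1.3 server may otherwise
# pick one of its own 1.3 suites regardless of the 1.2-style list we set).
def cipher_accepted?(host, port, cipher, timeout_s = 5)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.ciphers = cipher                         # raises SSLError for a name OpenSSL rejects
  ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE  # probing support, not trusting the peer
  tcp = nil
  Timeout.timeout(timeout_s) do
    tcp = TCPSocket.new(host, port)
    ssl = OpenSSL::SSL::SSLSocket.new(tcp, ctx)
    ssl.hostname = host                        # SNI, so virtual hosts answer correctly
    ssl.connect
    negotiated = ssl.cipher.first
    ssl.close
    negotiated == cipher
  end
rescue OpenSSL::SSL::SSLError, SystemCallError, Timeout::Error, EOFError, IOError
  false                                        # rejected suite, reset, refused, or timed out
ensure
  tcp.close if tcp && !tcp.closed?
end

# Returns the subset of `candidates` the server accepts. A block, if given, replaces the
# network probe (used below to exercise the logic offline).
def enumerate_ciphers(host, port, candidates = local_cipher_names, &probe)
  probe ||= ->(c) { cipher_accepted?(host, port, c) }
  candidates.select { |c| probe.call(c) }
end

if __FILE__ == $0 && ARGV.size == 2
  host, port = ARGV[0], ARGV[1].to_i
  enumerate_ciphers(host, port).each { |c| puts c }
end
```

Run it as `ruby enum_ciphers.rb target.example 443` (hypothetical file and host names). Each accepted suite costs one full TCP connection and handshake, so a long candidate list against a distant server is slow; the trade-off is that the result reflects what the server actually negotiates rather than what its configuration claims.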

