
Analysis of a Trojaned ssh/sshd

Some information about a trojaned ssh client and sshd server discovered in a recent compromise.  I didn't find any details on this particular OpenSSH backdoor via Google, so hopefully this information will be of use to anyone who runs into it on their boxes.

The compromise of a group ...


udev Local Privilege Escalation

A recent bug found by Sebastian Krahmer in udev has considerable security impact across a wide range of Linux distributions.

At the core of the vulnerability is the udevd daemon, responsible for receiving and handling various device events from the kernel.  These events are delivered to udevd via netlink, a ...


Panera Gift Card Security

A bit of information on Panera Bread's gift card security, or lack thereof.

Traditional gift card security often involves a randomized account number and a scratch-off PIN number.  Randomized account numbers prevent attackers from guessing valid account numbers to use.  Scratch-off PIN numbers prevent attackers from checking/using card ...


dpkt Tutorial #4: AS Paths from MRT/BGP

Previously we looked at creating ICMP echo requests, parsing a PCAP file, and doing DNS spoofing with the dpkt framework.  Today I will show how to parse the AS paths of BGP messages out of MRT routing dumps.

Parsing BGP routing information is fun.  However, before projects like RouteViews were ...


ARBSEC 01 Wrap-Up

ARBSEC 01 was a great success!  Thanks to everyone who came out, Bar Louie for hosting, and dugsong for taking some pictures!  Be sure to join us for future ARBSEC meetings, the first Wednesday of each month.

ARBSEC 01
jose, grue, steiza, svowels, mattbing, and more.

ARBSEC 01
honey, jono, olga, bfields, nuxi, and ...

Copyright © 2015 - Jon Oberheide <jon at oberheide dot org>.