Want to chat?

Social

Chase Hanna

Chase Hanna is the Director of Marketing for CyberOne Security

Authentication Bypass Vulnerability Discovered in Infinias eIDC32 WebServer

Versions Tested: Web Revision: 1.107, Board: 3.001, Firmware: 2.213 Product: https://www.3xlogic.com/products/access-control/infinias-ethernet-enabled-integrated-door-controller-eidc Security Advisories: N/A CVE Numbers: CVE-2020-11542 CVSS Score: N/A CWE: CWE-305: Authentication Bypass by Primary Weakness NIST: IA-4: Identifier Management OWASP: A2: Broken Authentication With access to a system’s control interface, a malicious actor can unlock controls remotely, allowing them to gain physical entry […]

The Best Online Cybersecurity Courses to Take in Your Downtime

With the daily routines of millions rapidly changing as we settle into a period of social distancing, many are looking for ways to pass the time once their reading lists have been plowed through and the Netflix binge is no longer do the trick. Why not take advantage of this downtime to learn a new […]

Phishing Attacks: Beware of Online Financial Scams

Challenging times bring out the best in people – but also the worst. As the world deals with COVID-19 and the economic fallout, you can be sure that scammers are looking for ways to capitalize on this crisis. Among their methods includes leveraging current events and news. Every year we see tax refund season create […]

Vulnerabilities Discovered in Tiff Server from AquaForest

Versions Tested: Tiff Server 4.0 Product: https://www.aquaforest.com/en/tiffserver.asp Security Advisories: N/A CVE Numbers: CVE-2020-9323 CVE-2020-9324 CVE-2020-9325 CVSS Score: Unauthenticated File and Directory Enumeration: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:W/RC:C Unauthenticated Arbitrary File Download: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C Unauthenticated SMB Hash Capture via UNC: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C CWE: Unauthenticated File and Directory Enumeration: CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) Unauthenticated Arbitrary File Download: CWE-20: Improper Input […]

Vulnerability Focus: Exploits Impacting Organizations

No matter how much you think you’ve done to protect your data and systems, common vulnerabilities continue to wreak havoc on enterprises. Cyberattacks are already increasing due to global events, meaning it’s more important than ever to identify and secure vulnerabilities. The following are some vulnerability trends the CyberOne offensive security team is seeing – and […]

A Commitment to Getting It Right: Palo Alto Networks’ Expedition Migration Tool

During a recent penetration test for a client, I came across a tool called MigrationTool from Palo Alto Networks. The tool was littered with issues, like the unauthenticated disclosure of passwords, hashes, versions, and more that were uncovered. So, what’s an offensive security team member to do? I quickly grabbed my screenshots and informed Palo Alto Networks […]

Reducing Vulnerabilities: Addressing Orphaned Systems and Weak Passwords

Luckily, it was only a test. During penetration testing for two international companies, our team found numerous vulnerabilities. In both cases we had total control over all systems within the clients’ network and could easily shut them down, siphon data from critical customer-facing systems, take over PCI assets, and more. If we were the bad […]

Cracking NTLMv2 Hashes with Cthulhu

Why Password Managers and MFA are Important in your Security Stack The subject of password strength and complexity requirements has been discussed and debated ad nauseam in the security industry. It is a subject as old as information security itself and will not be going away any time soon. We, as penetration testers, absolutely love passwords because […]

ManageEngine Privilege Escalation

Background: After running into ManageEngine products on a number of penetration tests, we decided to take a closer look at their products and see if there were any vulnerabilities that we could take advantage of. CVE Numbers: CVE-2019-12876 Versions Tested: DesktopCentral – 10.0.380 ADSelfService Plus – 5.7 ADManager Plus – 6.6.5 DLL Hijacking: Multiple ManageEngine […]

ManageEngine User Enumeration

Background: While conducting a penetration test of a client’s external network, I discovered a way to enumerate users’ in ManageEngine’s ADSelfService Plus application. This allows an attacker to determine the system Admin username. Product: ManageEngine ADSelfService Plus Software Version: 5.7, build 5704 Issue: The login page is vulnerable to account enumeration. The admin login page […]