November 23rd, 2014

OWASP Testing Guide v2

The Open Web Application Security Project (OWASP) has released an updated version of its web application pentesting methodology, the OWASP Testing Project. It is the culmination of 3 years of research covering testing approaches for topics like SQL Injection, AJAX, Fuzzing, Information Gathering, and other areas relevant to web application testing. The methodology is available for download as PDF or DOC files, as well as for online browsing and editing on the project’s wiki, where anyone can contribute to its further development.

MRL February meeting (new location)

                Fellow Hackers, Slackers, and Code-crackers:

        On Friday February 16th at 7pm PST we will be holding our monthly
        official Midnight Research Labs meeting.

        *** Important note:  This month we will be holding MRL at a new location.  ***

        This month will be focused on lockpicking.  Jason will be giving a
        presentation on lockpicking.  We will also have a lock-picking contest
        after the presentation, so bring locks or a set of picks if you
        have them.

        I'll also bring the motorized antenna we were working on last month.

        Light refreshments, and pizza will be served.  Note, this time we'll be
        serving food right at 8pm, so don't be late.

                Phase 0x0: Bootstrapping
                  - Greetings and welcome
                  - MRL updates and status
                Phase 0x1: Initialization
                  - Lockpicking presentation
                  - Lockpicking contest
                  - Motorized antenna
                Phase 0x2: Local exploits
                  - Food
                  - Off topic tools, toys and other shiny things -- If anyone
                    has anything interesting to show off or play with, please bring it
                  - Whatever till whenever -- This is the more social
                    part of the event.  People are invited to stay and
                    hack and have a couple drinks till whenever this
                    phase is no longer self-sustaining, =)

        This is an "invite only" event, so, don't distribute the location to
        just anyone =).  That being said, we're still looking for active
        members, so if you know someone that would be interested in
        contributing and want to sponsor or vouch for them, feel free to bring
        them along (let me know in advance if possible)


OVAL (Open Vulnerability and Assessment Language) is an XML language introduced by MITRE and sponsored by US-CERT and the Department of Homeland Security. At the most basic level it provides schemas to represent the latest vulnerabilities posted in MITRE’s CVE list. However, it goes one step further by defining not only the vulnerabilities themselves but also the logical structure for aggregating the tests that check for them (AND/OR criteria trees built from individual criterion checks). This opens the possibility of designing a security assessment tool that takes advantage of the OVAL language and the continuously updated OVAL repository, which tells you both which new vulnerabilities exist and how to test for them. You can learn more about the language here, and look at the definitions provided by MITRE here. Although MITRE provides a proof-of-concept OVAL Interpreter on its site, there is a much more usable open source project called Sussen which can get you up to speed with OVAL.
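To make the "logical aggregation" idea concrete, here is an added example (not from the original post, MITRE's interpreter, or Sussen) that evaluates a constructed, simplified OVAL-style definition against a table of host facts. Real OVAL definitions reference separate tests, objects and states; the `check` attribute and the flat fact dictionary are hypothetical shortcuts so the criteria tree itself can be evaluated stand-alone.

```python
import xml.etree.ElementTree as ET

# Constructed, simplified OVAL-style definition (hypothetical ids and checks;
# not taken from the MITRE repository). Real OVAL criteria reference <tests>
# by test_ref; here each <criterion> carries a "check" of the form key=value.
SAMPLE_OVAL = """<oval_definitions>
  <definitions>
    <definition id="oval:example:def:1" class="vulnerability">
      <criteria operator="AND">
        <criterion comment="OS is Linux" check="os=linux"/>
        <criteria operator="OR">
          <criterion comment="vulnerable pkg 1.0" check="pkg:foo=1.0"/>
          <criterion comment="vulnerable pkg 1.1" check="pkg:foo=1.1"/>
        </criteria>
        <criterion comment="fix not applied" check="patch:foo-42=applied" negate="true"/>
      </criteria>
    </definition>
  </definitions>
</oval_definitions>"""


def evaluate_criteria(node, facts):
    """Recursively evaluate a <criteria> node as an AND/OR over its children."""
    results = []
    for child in node:
        if child.tag == "criteria":
            result = evaluate_criteria(child, facts)
        elif child.tag == "criterion":
            key, _, expected = child.get("check", "").partition("=")
            result = facts.get(key) == expected
        else:
            continue
        # OVAL allows negate="true" on both criteria and criterion elements.
        if child.get("negate", "false") == "true":
            result = not result
        results.append(result)
    operator = node.get("operator", "AND")
    if operator == "AND":
        return all(results)
    if operator == "OR":
        return any(results)
    raise ValueError(f"unsupported operator: {operator}")


def evaluate_definitions(xml_text, facts):
    """Map each definition id to True when the host matches its criteria."""
    root = ET.fromstring(xml_text)
    verdicts = {}
    for definition in root.iter("definition"):
        criteria = definition.find("criteria")
        verdicts[definition.get("id")] = (
            evaluate_criteria(criteria, facts) if criteria is not None else False
        )
    return verdicts


# Constructed host facts: Linux box with foo 1.1 and no foo-42 fix -> vulnerable.
HOST_FACTS = {"os": "linux", "pkg:foo": "1.1", "patch:foo-42": "missing"}
```

A scanner built this way only needs fresh definitions, not new code, each time the repository adds a vulnerability.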

Vista speech commands hack

I thought this was a pretty clever hack. Windows Vista apparently has a speech command feature that lets you speak commands for your computer to execute. The idea is to have a webpage that plays an audio file of spoken commands which download a remote file and execute it.

George Ou went off to research the concept and, at the risk of spoiling the surprise, here is the result in George’s fine words:

“I recorded a sound file that would engage speech command on Vista, then engaged the start button, and then I asked for the command prompt. When I played back the sound file with the speakers turned up loud, it actually engaged the speech command system and fired up the start menu. I had to try a few more times to get the audio recording quality high enough to get the exact commands I wanted but the shocking thing is that it worked!”

Getting last year's web two point oh on

Ok, MRL now has a Frappr map. We have MRL people spread all over (in the US, and occasionally beyond), and it would be pretty cool to see everyone on the same map to see others that are interested in MRL meetings. Time for all of you techno-luddites to step up and add yourself! :)
