The latest news and research from the Nagarro Security team.

A Fundamental Tool in the Toolkit: Evasive Shellcode Launchers – Part 1

February 27, 2020 Ni‍co‍lai W‍a‍ng
It is important to consider the likelihood of detection when selecting tools for a red teaming engagement. Unintended detections, while good news for the blue team, can result in burned C2 infrastructure, loss of access and increased security measures. The goal of this blog is to showcase some of... Read more...

Sec in your DevOps: Adding the OWASP Dependency Check to your Jenkins pipeline

January 23, 2020 Eivind Utnes
This blog post aims to help DevOps practitioners and security professionals to take a first step towards adding security testing to an existing CI/CD pipeline. We will install the OWASP Dependency Check plugin in a Jenkins instance, verify that it gives us the expected output, and create a suppres... Read more...

Interactive guide to Buffer Overflow exploitation

December 16, 2019 Vetle Økland
A Buffer Overflow is a bug class in a program typically written in a memory unsafe language like C or C++. Buffer Overflow bugs from user-input can often allow someone to overwrite some data in memory they weren't supposed to. Before we dive into how to exploit Buffer Overflow bugs, we will do a qui... Read more...

What Makes a Great Penetration Tester

November 4, 2019 Péter Gombos
Recently at a conference in Oslo, someone at a Managed Service Provider (MSP) told me they were not particularly jealous of my work. “As a penetration tester, don’t you all the time test the same systems at the same customer, finding the same vulnerabilities every year?” I answered that this is not... Read more...

DACL Permissions Overwrite Vulnerability in Check Point VPN

June 23, 2019 Vetle Økland
A couple of months ago, I found a DACL permissions overwrite vulnerability in the Check Point Endpoint Security VPN client. This vulnerability allows any user on a Windows system to set permissions for any file to Full Control for the Authenticated Users security group (the only limitation bei... Read more...

Privilege Escalation vulnerability in CrashPlan

June 21, 2019 Vetle Økland
Recently, I enountered a vulnerability in the CrashPlan clients for Windows, Mac (and possibly Linux, but I didn't bother to test it there) that allows for privilege escalation. The vulnerability is in the handling of Proxy Auto-Config (PAC) files. PAC-files are used for automatic proxy-confi... Read more...