The latest news and research from the Nagarro Security team.

Sec in your DevOps: Adding the OWASP Dependency Check to your Jenkins pipeline

January 23, 2020 Eivind Utnes
This blog post aims to help DevOps practitioners and security professionals to take a first step towards adding security testing to an existing CI/CD pipeline. We will install the OWASP Dependency Check plugin in a Jenkins instance, verify that it gives us the expected output, and create a suppres... Read more...

Interactive guide to Buffer Overflow exploitation

December 16, 2019 Vetle Økland
A Buffer Overflow is a bug class in a program typically written in a memory unsafe language like C or C++. Buffer Overflow bugs from user-input can often allow someone to overwrite some data in memory they weren't supposed to. Before we dive into how to exploit Buffer Overflow bugs, we will do a qui... Read more...

What Makes a Great Penetration Tester

November 4, 2019 Péter Gombos
Recently at a conference in Oslo, someone at a Managed Service Provider (MSP) told me they were not particularly jealous of my work. “As a penetration tester, don’t you all the time test the same systems at the same customer, finding the same vulnerabilities every year?” I answered that this is not... Read more...

DACL Permissions Overwrite Vulnerability in Check Point VPN

June 23, 2019 Vetle Økland
A couple of months ago, I found a DACL permissions overwrite vulnerability in the Check Point Endpoint Security VPN client. This vulnerability allows any user on a Windows system to set permissions for any file to Full Control for the Authenticated Users security group (the only limitation bei... Read more...

Privilege Escalation vulnerability in CrashPlan

June 21, 2019 Vetle Økland
Recently, I enountered a vulnerability in the CrashPlan clients for Windows, Mac (and possibly Linux, but I didn't bother to test it there) that allows for privilege escalation. The vulnerability is in the handling of Proxy Auto-Config (PAC) files. PAC-files are used for automatic proxy-confi... Read more...

Find The CEO’s Email — in a cloud world

February 14, 2019 Péter Gombos
You’ve hacked it all, gotten domain admin, shelled every box that you can think of and ticked off all the objectives. But there’s a single one remaining: access to the CEO’s mailbox. Easy, you just jump to the CEO’s computer and get his password. Or crack the NT-hash you got from dcsyncing all the u... Read more...