malerisch.net

Kemp virtual load master is a virtual load-balancer appliance which comes with a web administrative interface. I had a chance to test it and this blog post summarises some of the most interesting vulnerabilities I have discovered and which have not been published yet. For those of you who want to try it as well, you can get a free trial version here:  http://kemptechnologies.com/server-load-balancing-appliances/virtual-loadbalancer/vlm-download By default, Kemp web administrative interface is protected by Basic authentication, so the vulnerabilities discussed in the post below can either be exploited attacking an authenticated user via CSRF or XSS based attacks. The following vulnerabilities were discovered when looking at Kemp Load Master v.7.1-16 and some of them should be fixed in the latest version (7.1-20b or later). Change logs of the fixed issues can be found at the following page: " PD-2183 Functions have been added to sanitize input in the WUI in order to   reso

I have received many questions on how to properly handle authentication when using BurpCSJ , so here is a short tutorial on how to properly manage authentication. If you are looking for how to use this Burp extension, here is a basic tutorial  as well. In this post, we are going to use BurpCSJ against the Altoro bank (vulnerable web application made on purpose), which is available online here: http://demo.testfire.net/ First, start clean (the reasons will be clear at the end of this tutorial): - Start Burp; - Start browser and configure proxy settings to work with Burp; - Browse to target site: http://demo.testfire.net/ - Perform login: user: jsmith - password: Demo1234 - Check Burp cookie jar (under options/sessions), this should be populated with some cookies: - Configure BurpCSJ (Crawljax tab) and make sure that "Use Manual Proxy" is ticked and it is pointing to Burp and that the "Use cookie jar" option is ticked as well: - Start/Launch Bur

As part of my research and talk titled " Augmented Reality in your web proxy " presented during the HackPra AllStars program / OWASP AppSec EU 2013   security conference in Hamburg, I decided to release a new Burp Pro extension which integrates  Crawljax , Selenium and JUnit . I decided to take this approach to increase application spidering coverage (especially for Ajax web apps), speed up complex test-cases and take advantage of the Burp Extender API . Downloads BurpCSJ extension JAR - download (all dependencies included) BurpCSJ source code - github "Augmented Reality in your web proxy" - presentation (slideshare) Getting started Download BurpCSJ ; Load BurpCSJ extension jar via the Extender tab; Choose the URL item from any Burp tab (e.g. target, proxy history, repeater);  Right click on the URL item; Choose menu item "Send URL to Crawljax"; Crawljax will automatically start crawling the URL that you choose. Tutorials