The Space In Between

by Dmitry Kirsanov 5. May 2012 03:26

You’ve already heard about the Windows Phone operating system. Microsoft invested a lot of money into making you hear about it. They are trying to shape opinion and clear a niche for their latest attempt to establish themselves in the mobile phone market, and this time it looks like they went for broke.

It’s not only the huge resources spent on all sorts of advertisements, but also the unusual amount of FUD in their pitch. One such argument that caught my attention is that the iPhone is a glamorous gadget for non-geeks. If you believe that, then this article is for you.

Essentials of Microsoft Internal Security Policy

by Dmitry Kirsanov 11. April 2012 07:41


Here’s some morning fun for security experts out there.

A few days ago I needed to arrange a payment to Microsoft. The credit card used in the transaction wasn’t available the week after the transaction, when the company decided to charge it. Not a big deal; I only needed to provide the details of an alternate card. Here is a fragment of the e-mail I got regarding the issue:

“Due to security policy, we strongly recommend you send these details via fax or attached to an e-mail. Please do not type these details in the e-mail body. If you wish, you can provide us with these details via phone.”


Introduction to PowerShell - part 4 - Security

by Dmitry Kirsanov 23. March 2012 01:42

One of the qualities of PowerShell, one of the scales by which its success is measured, was security. It is also the first question asked when someone new to PowerShell tries to run a PowerShell script.

The previous generations of scripting environments, like Windows Scripting Host with its notorious VBS files sent automatically over e-mail by all sorts of worms and trojans, cried out for better security, not only in terms of fixing the existing problems but also in terms of applying the newest standards and technologies.

So this video training article is about security in Windows PowerShell.

Securing Corporate Identity - 3 Things You Shouldn’t Leave Behind

by Dmitry Kirsanov 5. December 2011 16:57

The new culture of making business “more social” brings so many new possibilities and opportunities that it is hard to analyze the consequences of every step you take. We are doing so much to use the latest features of the web that we don’t recognize the jeopardy hidden in the most innocent things we do.

In October 2011 I undertook an experiment, which lasted two months and gave me such interesting results that I couldn’t resist sharing them. For some of you these findings could be shocking and reveal something new, but the reason for the experiment was purely to prove what seemed logical even without the experiment.

Security through obscurity

by Dmitry Kirsanov 8. November 2011 19:46

A rather short note for pen-testers.

Sometimes you have software which contacts some web services; this is especially interesting when it involves transferring files.

Sometimes software packages, especially custom ones made for a small number of customers, may have web services open for consumption by that software.

Pay attention to them. Sometimes there are exposed functions which could be exploited in ways the developers were not able to imagine.

For example, during my most recent pen-test, I was able to put, delete and execute files on the server using only the functions of the exposed web service. Needless to say, I wouldn’t need any hacking tools or social engineering to penetrate the networks of their customers either.

This topic is rather omitted in CEH and similar courses, but with some basic knowledge of programming you could kill a whole family of rabbits with one shot.

Also, a side note about pen-testing. I noticed that even when you’re using the simplest technique, a “no-brainer” one, the customer will call you a “hacker” or “genius” just to avoid calling their developer or system administrator an idiot.

Password policy of our time?

by Dmitry Kirsanov 4. November 2011 06:18

When I began studying computers at the beginning of the 90s, I adopted the password policy of that time, which stated that passwords should be at least 8 characters long and complex, meaning they should contain a number, uppercase and lowercase letters, and ideally also a special character.

With Windows NT 4 we had an addition to that rule, rarely used in practice, that the password should be longer than 14 characters, as otherwise it could be cracked in a matter of seconds.

Windows has additional rules in a corporate environment, but all of them are basically about the length, complexity and maximum age of the password. However, while you can enforce that on a corporate network, most people are far from understanding the underlying idea of a password policy, can’t estimate the cost of a weak password, and overall are ready to adopt the policy only if it seems reasonable enough.

So I decided to create such a policy for myself; take a look at what I came up with:


What could be worse than that?

by Dmitry Kirsanov 3. November 2011 05:59

Have you ever thought about all the possible things that could happen when you become the subject of business espionage through the hacking of your server? Either the whole farm or the one and only server you have in your organization? What are the possible scenarios you went through in your imagination or security planning?

Here is one idea you didn’t go through. Imagine that your server is hosting installation files for software which is used either on other computers inside your organization or outside of it. Even funnier: you have a part of your network which is separated from the Internet but still uses a piece of software whose installation files are stored on the compromised machine.

Using a technique called repackaging, an intruder could modify these installation files so that you wouldn’t be able to distinguish them from the original ones. They would look and behave identically but would also install a Trojan horse. In the case of a targeted attack this Trojan horse wouldn’t be recognized by antivirus software, as it couldn’t be found on other machines on the Internet.

While very sophisticated, this attack is also very simple to implement and could potentially supply the attacker with precious information for years.

I am not aware of any attempt of this kind ever being carried out, so I could probably patent it. Too bad hacking techniques won’t be patented. But anyway, we are going to talk about “white hat” repackaging pretty soon, so stay tuned!
