Updates and News
We discovered several vulnerabilities in the Milesight UG67 Outdoor LoRaWAN Gateway. The device had an unprotected USB console allowing access to the root file-system for analysis, an undocumented default password usable for remote SSH login, a command execution circumventing the restricted shell and a local privilege escalation using ubus as well as a local privilege escalation using world-writeable webroot. The issues can be combined to allow privileged access from a remote connection.
We discovered several vulnerabilities in the Single Sign On components of WatchGuard: the protocol used is insecure and can be redirected, an interface based on the Telnet protocol contains a backdoor and the SSO Agent can be crashed by sending unexpected data.
Our new blog post describes the exploitation of a remote code execution vulnerabiltiy in the open-source learning platform Moodle. A short summary of the vulnerability discovered by us can be found in the corresponding advisory Moodle: Remote Code Execution via Calculated Questions.
New advisory released: Skyhigh Security Secure Web Gateway: Information Disclosure Due to Same Origin Policy Bypass on Block Page.
On 10 July 2024, Alexander Neumann will give the lecture “Behind the Screens: Insights and Stories of Real-World Penetration Testing“ in German at the IT Center of RWTH Aachen University. The lecture is public and takes place at 16:30 o’clock at the ITC lecture hall at Seffenter Weg 23.
On 17 June 2024, Alexander Neumann will give a lecture at the Hasso Plattner Institut in Potsdam titled “Behind the Screens: Insights and Stories of Real-World Penetration Testing“. The slides are available for download under Talks.
New advisory released: Aptos Wisal Payroll Accounting Uses Hardcoded Database Credentials.
As of today, RedTeam Pentesting’s website is available in a new design. Your feedback is welcome.
RedTeam Pentesting has a new member: Tobias Ferring reinforces the team as a new penetration tester.
Alexander Neumann held the talk „Der Bitwarden-Biometrie-Unfall - Wenn ein Pentest nebenher einen kritischen Fehler im Passwort-Manager aufdeckt” at the event “Studierende treffen Alumni und Unternehmensexpert:innen” at the FH Aachen University of Applied Sciences. The German language slides are available for download under Publications.
We’ve published a blog post about a vulnerability we’ve discovered in Bitwarden at the beginning of 2023. It allowed accessing data from the vault without the password in certain circumstances.
RedTeam Pentesting has two new members: Severin Schüller and Vincent Drury reinforce the team as new penetration testers.
RedTeam Pentesting has a new member: Frederic Gorski reinforces the team as a new penetration tester.
Our new blog post gives an overview of exploiting vulnerabilities in Ghostscript.
New advisory released: D-Link DAP-X1860: Remote Command Injection .
On 2 October 2023 Jens Liebchen held the talk “Gezielter Ausnahmezustand – Penetrationstests” as part of the event Fachschaftstagung Ingenieurswissenschaften of the Cusanuswerk. The German language slides are available for download under Publications.
New advisory released: Session Token Enumeration in RWS WorldServer.
A new version of monsoon has been released. Our new blog post covers the new features and improvements in detail.
In our new blog post we discuss common misconceptions about login mechanisms using the example of a vulnerability in the web interface of STARFACE PBX.
New advisory released: STARFACE: Authentication with Password Hash Possible.
Several advisories for vulnerabilities in the open-source software Pydio Cells released: Unauthorised Role Assignments, Cross-Site Scripting via File Download, Server-Side Request Forgery.
Today we released our newly developed program resocks. The accompanying blog post covers its usage and technical details.
Our new blog post describes the approach to integrate our new printer in our office infrastructure aiming to meet our specified security requirements.
Jens Liebchen held the talk “Physical Security – Wenn Türen zu Firewalls werden” on 7 February 2023 at the Chair for IT Security Infrastructures of the Friedrich-Alexander-Universität Erlangen-Nürnberg. The German language slides are available for download under Publications.
New advisory released: Skyhigh Security Secure Web Gateway: Cross-Site Scripting in Single Sign-On Plugin.
Alexander Neumann held the talk „Mitbringsel aus dem Alltag: Star Wars in der niedersächsischen Provinz” at the event “Studierende treffen Alumni und Unternehmensexperten” at the FH Aachen University of Applied Sciences. The German language slides are available for download under Publications.
The German TV show WDR Lokalzeit Aachen reported about our work and our new office.
New advisory released: Missing Authentication in ZKTeco ZEM/ZMM Web Interface.
Our new blog post introduces and covers common use cases of pretender, a new name resolution sidekick for relaying attacks.
RedTeam Pentesting has a new member: Roman Karwacik reinforces the team as a new penetration tester.
New advisory released: Credential Disclosure in Web Interface of Crestron Device.
Our new blog post describes our approach to discover a backdoor in the Auerswald COMpact 5500R PBX.
Several advisories for Auerswald devices released: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass, Auerswald COMpact Privilege Escalation, Auerswald COMpact Arbitrary File Disclosure, Auerswald COMpact Multiple Backdoors.
On 21 October 2021 Jens Liebchen will give the German language talk “IT-Sicherheit: Unterwegs zwischen zwei Welten” at 14:30 o’clock at the Technologiezentrum Aachen (powered by Techniker Krankenkasse). Register at konferenz@tza-aachen.de in order to participate. The 3G rule applies.
New advisory released: Cross-Site Scripting in myfactory.FMS.
New advisory released: XML External Entity Expansion in MobileTogether Server.
On the German podcast Digital genial by proALPHA we talk about cyber crime and how companies can better protect themselves through penetration tests.
Today we released our encryption solution for the reMarkable 2 ePaper tablet on GitHub. An additional blog post outlines our threat model and the development process.
RedTeam Pentesting has a new member: Jan Kruse reinforces the team as a new penetration tester.
Our new blog post discusses easy readable styling of program calls by using curl as an example.
On 23 February 2021 Jens Liebchen will give the German language talk “(Un-)Sicherheit voraus” for the Rotary Club Aachen-Frankenburg.
Keeping up the good tradition, Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 26 January 2021 in the context of the lecture “Angewandte IT-Sicherheit” at the Lehrstuhls für IT-Sicherheitsinfrastrukturen (Chair for IT Security Infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg in form of a video conference.
RedTeam Pentesting has a new member: Peter Ott reinforces the team as a new penetration tester.
Our third blog post deals with the exploitation of a PHP deserialization vulnerability, using the Yii PHP framework as an example.
Today we released our new blog. The first post describes analysis and exploitation of a vulnerability in Apache Tomcat.
New advisory released: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton.
New advisory released: FRITZ!Box DNS Rebinding Protection Bypass.
New advisory released: Denial of Service in D-Link DSR-250N.
New advisory released: Inconsistent Behavior of Go’s CGI and FastCGI Transport May Lead to Cross-Site Scripting.
RedTeam Pentesting can now be found on GitHub. Today the HTTP enumerator monsoon has been released.
RedTeam Pentesting is hiring new employees to reinforce our teams! Further information can be found on our new career website (German only).
New advisory released: Credential Disclosure in WatchGuard Fireware AD Helper Component.
Two new advisories released: IceWarp: Cross-Site Scripting in Notes for Contacts and IceWarp: Cross-Site Scripting in Notes.
RedTeam Pentesting has a new member: Lucas Vater reinforces the team as a new penetration tester.
Two new advisories released: Unsafe Storage of Credentials in Carel pCOWeb HVAC and Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC.
Keeping up the good tradition, Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 31 October 2019 in the context of the lecture “Angewandte IT-Sicherheit” at the Lehrstuhls für IT-Sicherheitsinfrastrukturen (Chair for IT Security Infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg. Following the talk there will be a practical introduction to lock picking.
On 5 July 2019 Jonas Lieb will give a talk about pentesting at the III. Physikalisches Institut B of the RWTH Aachen University in the context of the event Freitagsseminar.
New advisory released: Information Disclosure in REDDOXX Appliance.
On 24 June 2019 Jonas Lieb will give the German language talk “Pentesting in der Praxis” at the practical Hacker training in the context of the bachelor of computer science at the Bonn-Rhein-Sieg University of Applied Sciences in Sankt Augustin.
RedTeam Pentesting has a new member: Merlin Marek reinforces the team as a new penetration tester.
New advisory released: Directory Traversal in Cisco Expressway Gateway.
Three new advisories concerning improperly fixed vulnerabilities in Cisco RV320 Dual Gigabit WAN VPN Routers released: Unauthenticated Configuration Export, Unauthenticated Diagnostic Data Retrieval and Command Injection.
New advisory released: Code Execution via Insecure Shell Function getopt_simple.
Three new advisories for Cisco RV320 Dual Gigabit WAN VPN Router released: Unauthenticated Configuration Export, Unauthenticated Diagnostic Data Retrieval and Command Injection.
RedTeam Pentesting has a new member: Erik Geiser reinforces the team as a new penetration tester.
On 4 December 2018 Alexander Neumann will give the German language talk “Sicherer Umgang mit Daten auf SSDs” at the IT-Sicherheitstag NRW by the IHK NRW. The German language slides are available for download under Publications.
Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 30 October 2018 at the Lehrstuhl für IT-Sicherheitsinfrastrukturen (Chair for IT Security Infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg . Following the talk there will be a practical introduction to lock picking. RedTeam Pentesting is glad to be able to support the University with a presentation and practical expertise again.
On 25 October 2018 Alexander Neumann will give the German language talk “Sicheres Löschen von Daten auf SSDs” at the practical Hacker training in the context of the bachelor of computer science at the Bonn-Rhein-Sieg University of Applied Sciences in Sankt Augustin.
Jens Liebchen was interviewed for the article „In fremder Hand” by the IHK Aachen.
At the event “Mit Sicherheit! - Offener Austausch und Diskussion mit IT-Sicherheitsexperten” by the IHK Aachen on 11 October 2018 Jens Liebchen will answer your questions about IT security. Participation is free after registration.
The weekend of 25 August - 26 August 2018, RedTeam Pentesting will again be present with a booth as a gold sponsor at FrOSCon in Bonn/St. Augustin. RedTeam Pentesting is always looking for new employees, we are happy to talk to you in person!
On 23 May 2018 Alexander Neumann will give the German language talk “Sicheres Löschen von Daten auf SSDs” at the 8. IT-Forensik Workshop at the FH Aachen
Two new advisories released: CyberArk Password Vault Memory Disclosure, CyberArk Password Vault Web Access Remote Code Execution.
New advisory released: Shopware Cart Accessible by Third-Party Websites.
New security advisory released: rt-sa-2018-001: Arbitrary Redirect in Tuleap.
RedTeam Pentesting has a new member: Jonas Lieb reinforces the team as a new penetration tester.
RedTeam Pentesting has a new member: Yvonne Breuer reinforces the team as a new penetration tester.
New security advisory released: rt-sa-2017-013: Truncation of SAML Attributes in Shibboleth 2.
On 16 November 2017 Alexander Neumann will give the German language talk “Sicheres Löschen von Daten auf SSDs” at the 41. DAFTA in Cologne
New security advisory released: rt-sa-2016-008: XML External Entity Expansion in Ladon Webservice.
Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 26 October 2017 at the Lehrstuhl für IT-Sicherheitsinfrastrukturen (chair for IT security infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg . Following the talk there will be practical introduction to lock picking. RedTeam Pentesting is glad to be able to support the University with a presentation and practical expertise again.
RedTeam Pentesting has a new member: Daniel Küppers reinforces the team as a new penetration tester.
Four new advisories for WebClientPrint Processor 2.0 released: Remote Code Execution via Print Jobs, Remote Code Execution via Updates, Unauthorised Proxy Modification and No Validation of TLS Certificates.
As gold sponsor RedTeam Pentesting has a booth at FrOSCon in Bonn/St. Augustin next weekend (19 August - 20 August 2017). Alexander Neumann will give the presentation “Sicheres Löschen von Daten auf SSDs” (German) at 10:00 am on Saturday in room HS1.
New advisory released: Cross-Site Scripting in TYPO3 Formhandler Extension.
New advisories for multiple critical vulnerabilities in REDDOXX Suite released: Cross-Site Scripting, Unauthenticated Arbitrary File Disclosure, Unauthenticated Extraction of Session-IDs, Arbitrary File Disclosure with root Privileges via RdxEngine-API, Undocumented Administrative Service Account, Unauthenticated Access to Diagnostic Functions and Remote Command Execution as root.
New advisory released: Remote Command Execution in PDNS Manager.
On 19 May 2017, RedTeam Pentesting presents itself at the “ITS.Connect 2017” in Bochum and shares insights into the day-to-day work of a penetration tester.
RedTeam Pentesting is nominated for the AC² Regional Innovation Award 2017. The winner will be announced on June 1st in the coronation chamber of Aachen City Hall.
Till Maas writes in the article “Aus der Praxis: Wie man einen Multifunktionsdrucker absichert” on the German website Heise Business Services about experiences with securing a multi-function printer.
Patrick Hof represents RedTeam Pentesting at the G20 Multi Stakeholder Conference „Digitalisation: Policies for a Digital Future”.
NRW.INVEST presents RedTeam Pentesting’s company profile in the magazine “Movers & Shakers in NRW” as one of the leading companies in their business.
RedTeam Pentesting is excited to support the FrOSCon in Bonn/St. Augustin this year as gold sponsor. See you there!
Follow RedTeam Pentesting on Twitter to get the latest updates about RedTeam and the IT-security world!
New advisory released: Padding Oracle in Apache mod_session_crypto.
On 19 December 2016, Patrick Hof will give a guest lecture with the title “Operating Systems Security And Why It (Mostly) Doesn’t Matter” in the module Operating Systems Security at Radboud Universiteit Nijmegen.
New advisory released: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler.
On 11/07/16, the german TV station WDR showed in its Servicezeit program a report with RedTeam Pentesting about a vulnerability in the AVM FRITZ!Box firmware which allowed attackers to initiate phone calls on behalf of the owner of the FRITZ!Box.
Jens Liebchen will give the talk “Alles wird gut? Über Menschen, Angreifer & die Zukunft” (Everything will be fine? About humans, attackers and the future) on 2 November 2016 at the Leetcon.
Alexander Neumann will give the talk “Daten löschen, aber richtig - über die Besonderheiten von SSDs” (Deleting data the right way - about the specialities of SSDs) on 2 November 2016 at the Leetcon.
Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 20 October 2016 at the Lehrstuhl für IT-Sicherheitsinfrastrukturen (chair for IT security infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg . Following the talk there will be practical introduction to lock picking. RedTeam Pentesting is glad to be able to support the University with a presentation and practical expertise again.
The Handelsblatt reports in the article “Der Hacker als Helfer” about RedTeam Pentesting.
Three new advisories released: XML External Entity Expansion in Paessler PRTG Network Monitor, Websockify: Remote Code Execution via Buffer Overflow and Unauthenticated File Upload in Relay Ajax Directory Manager may Lead to Remote Command Execution.
The slides of the talk “Penetration Tester – Click Monkey or Creative Hacker?”, held by Sebastian Chrobak at the Security Lab 2016 of the Research Group IT-Security of the RWTH Aachen University, are now available in the publications section.
The slides of the talk “Was Dein ist, ist Mein – Datensicherheit aus der Angreiferperspektive”, held by Jens Liebchen on the occasion of the World Intellectual Property Day at the TZ Aachen, are now available in the publications section.
Today, the article “Immer auf der Suche nach Schwachstellen” about RedTeam Pentesting’s work was published in Aachener Zeitung (Issue 25. April 2015, Page 6). It is also available online (AZ).
The state of North Rhine-Westphalia has awarded RedTeam Pentesting for its outstanding performance as a “worldwide market leader specialized in penetration testing” as part of the campaign GERMANY AT ITS BEST. A certificate issued by the state’s ministry for economic affairs is available for download.
New security advisory released: Cross-site Scripting in Securimage 3.6.22
At 2 p.m. on 17 February 2016, Jens Liebchen will be part of an expert panel in the (German language) live webcast “Sind Ihre Drucker ausreichend gegen Angriffe geschützt?” of heise Business Services. The panel will discuss the role that printers and multi-function peripherals play for the IT security of businesses. Participants are required to register prior to the event.
On 6 February, Till Maas will give the talk “Let’s Encrypt with Best Practices” at the DevConf.cz conference in Brno, Czech Republic.
New security advisory released: o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials
Two new security advisories released: AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images and AVM FRITZ!Box: Remote Code Execution via Buffer Overflow
RedTeam Pentesting has a new member: Philip Huppert reinforces the team as a new penetration tester.
New security advisory released: rt-sa-2015-013: Symfony PHP Framework: Session Fixation In “Remember Me” Login Functionality
On 21 December, Sebastian Chrobak and Jens Liebchen will give a talk about physical security and host a subsequent discussion concerning IT security in practice. The talk and discussion will take place in context of the lecture IT Security 1 of the Research Group IT-Security at the RWTH Aachen University.
Todays issue 231 of the German Handelsblatt contains the article “Wo ist die Schwachstelle?” that quotes Jens Liebchen, CEO of RedTeam Pentesting GmbH.
RedTeam Pentesting has a new member: David Brown reinforces the team as a new penetration tester.
New security advisory released: rt-sa-2015-006: Buffalo LinkStation Authentication Bypass
The slides from the talk “Security Threats at Conferences”, held at the Flock 2015 conference in Rochester, NY, USA are now available in the publications section.
We are happy to be able to support the city of Aachen’s campaign “Wussten Sie schon, dass…” in promoting the Technology Region Aachen. Our contribution can be found on the website of the city of Aachen, or on our own website as a PDF document or as an image file.
On 12 August, Till Maas will give the talk “Security Threats at Conferences” at the Fedora Contributor Conference in Rochester, NY, USA.
New security advisory released: rt-sa-2015-002: SQL Injection in TYPO3 Extension Akronymmanager
Two new security advisories released: rt-sa-2015-003: Alcatel-Lucent OmniSwitch Web Interface Weak Session ID and rt-sa-2015-004: Alcatel-Lucent OmniSwitch Web Interface Cross-Site Request Forgery
On 18 June, Hanno Heinrichs will give the (German language) talk “Your Home is my Castle” at the Cryptoparty organised by the Fachschaft Mathematik/Physik/Informatik of RWTH Aachen University.
On 8 July RedTeam Pentesting will present itself at the bonding CyberDay 2015 in Aachen. Jens Liebchen will also give the (German language) talk “Beruf: Hacker” which will give an insight into the work as a penetration tester.
The Audit Challenge conference for audit methodology will take place in Frankfurt from 8 until 12 June. Thursday the 11th will host presentations and discussions on the topic of fraud investigation and prevention. RedTeam Pentesting will give a presentation and will take part in a panel discussion on prevention measures relevant to Industry 4.0.
On 18 March, Patrick Hof will give the (German language) talk „Achtung, Unfall voraus…?” on IT security in public transport companies at the itcs seminar of the year 2015 „Innovationen rund um die Echtzeit” by the VDV.
New security advisory released: rt-sa-2014-016: Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite
New security advisory released: rt-sa-2014-013: Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page
On 25 February 2015, Jens Liebchen will be at the 22. DFN-Konferenz “Sicherheit in vernetzten Systemen” in Hamburg, discussing success factors for good penetration tests based on his practical experience as a penetration tester. The language of the talk will be German.
New security advisory released: rt-sa-2014-010: AVM FRITZ!Box Firmware Signature Bypass
New security advisory released: rt-sa-2014-015: Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0
The (German) slides from the talk “Angriff zur Verteidigung – Erfolgsfaktoren für gute Penetrationstests”, held at the IT-Sicherheitstag NRW in Hagen are now available in the publications section.
New security advisory released: rt-sa-2014-012: Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components
The vulnerability enables attackers to fully compromise the application servers that host the mobile device management components and therefore most likely also all devices managed through the solution.
Three new security advisories released: rt-sa-2014-007: Remote Code Execution in TYPO3 Extension ke_dompdf, rt-sa-2014-009: Information Disclosure in TYPO3 Extension ke_questionnaire and rt-sa-2014-011: EntryPass N5200 Credentials Disclosure
On 10 December 2014 Patrick Hof will give a live interview at the 2. SZ-Fachkonferenz: Versicherung und Internet on the topic “Hackerangriffe – wie die Profis vorgehen: Wo liegen die größten Sicherheitslücken?”. The language of the interview will be German.
On 3 December 2014 Jens Liebchen will give a talk at the IT-Sicherheitstag NRW on the topic “Angriff zur Verteidigung - Erfolgsfaktoren für gute Penetrationstests”. The language of the talk will be German.
RedTeam Pentesting has a new member: Hanno Heinrichs reinforces the team as a new penetration tester.
New security advisory released: rt-sa-2014-008: Python CGIHTTPServer File Disclosure and Potential Code Execution
Two new security advisories released: rt-sa-2013-002: Endeca Latitude Cross-Site Request Forgery and rt-sa-2013-003: Endeca Latitude Cross-Site Scripting
New security advisory released: rt-sa-2014-006: Directory Traversal in DevExpress ASP.NET File Manager
Two security advisories released: rt-sa-2014-004: Remote Command Execution in webEdition CMS Installer Script and rt-sa-2014-005: SQL Injection in webEdition CMS File Browser
On 17 June 2014 Jens Liebchen will give the talk “Multifunktionsdruckgeräte und IT-Sicherheit: Ein Erfahrungsbericht” at the VDE Regio Aachen course of lectures on IT security. The talk will be held in the lecture room FT of the RWTH Aachen (Melatener Str. 23-25, 52074 Aachen). There is no entrace fee and visitors are explicitly welcome. The language of the talk will be German.
The new category testmonials contains anonymised customer statements about RedTeam Pentesting’s services. The testimonials displayed are rotated on a regular basis, to provide a comprehensive picture.
Security advisory released: rt-sa-2014-003: Metadata Information Disclosure in OrbiTeam BSCW
RedTeam Pentesting has a new member: Sebastian Neumann reinforces the team as a new penetration tester.
Security advisory released: rt-sa-2014-002: rexx Recruitment Cross-Site Scripting in User Registration
Security advisory released: rt-sa-2014-001: McAfee ePolicy Orchestrator XML External Entity Expansion in Dashboard
On 16 January, Patrick Hof will give the (German language) talk “IT-Sicherheit und Kryptographie in der Praxis” at the Cryptoparty organised by the Fachschaft Mathematik/Physik/Informatik of RWTH Aachen University.
On invitation by the GDD Jens Liebchen will give a talk titled “Jailbreaking Your MFP for more Security - MFPs, sensible Druckdaten und IT-Sicherheit: Ein Erfahrungsbericht” at the 37. Datenschutzfachtagung (DAFTA) held in Cologne from 14 to 15 November 2013.
On 29 November 2013 Jens Liebchen will give the talk “Jailbreaking Your MFP for more Security - MFPs, sensible Druckdaten und IT-Sicherheit: Ein Erfahrungsbericht” at the computing centre of the RWTH Aachen University. The talk will take place in the lecture room of the Rechenzentrum from noon to 2pm. External visitors are explicitly welcome. After the talk there will be room for an interactive session and open discussion. The language of the talk will be German.
Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 25 October 2013 at the Lehrstuhl für IT-Sicherheitsinfrastrukturen (chair for IT security infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg . Following the talk there will be practical introduction to lock picking. RedTeam Pentesting is glad to be able to support the University with a presentation and practical expertise again.
RedTeam Pentesting is happy to sponsor the capture the flag contest “rwthCTF 2013” of RWTH Aachen University’s Research Group IT Security. The CTF starts on 9 November at 2pm (CET) and ends on 10 November at 2am.
By 31 July 2013, Claus R. F. Overbeck will leave RedTeam Pentesting GmbH. This step was meticulously prepared over the last six months. With the familiar executives Patrick Hof and Jens Liebchen, RedTeam Pentesting GmbH’s team will continue to offer penetration tests in the established high quality.
RedTeam Pentesting has a new member: Lukas Kupczyk reinforces the team as a new penetration tester.
On 25 May 2013, Jens Liebchen will give the talk “Jailbreaking Your MFP for More Security” at the LinuxTag 2013 in Berlin. The talk was already given with much success at the 20. DFN Workshop in February.
New advisory released: rt-sa-2013-001: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution.
The German magazine “Wirtschaftliche Nachrichten” of the IHK Aachen reports in the article “Angriff auf Abruf” about the work as penetration tester at RedTeam Pentesting.
The (German) slides for the talk “Jailbreaking Your MFP for More Security” given by Jens Liebchen at the 20. DFN-Workshop “Sicherheit in vernetzten Systemen” are available in the publications section.
Today Stella Peters of eldoradio* (a German radio station) interviewed Jens Liebchen about penetration tests and job trainings for penetration testers. The German interview will be aired on 01/23/2013 and will be available as a podcast afterwards.
RedTeam Pentesting has a new member: Benjamin Grap reinforces the team as a new penetration tester.
On 20 February 2013, Jens Liebchen of RedTeam Pentesting will hold the talk “Jailbreaking Your MFP for More Security” at the 20. DFN-Workshop “Sicherheit in vernetzten Systemen” in Hamburg. The talk will cover the pitfalls of purchasing and operating MFPs (multi-function printer) in sensitive environments and will highlight some creative ways of avoiding or remedying them.
RedTeam Pentesting is happy to sponsor the capture the flag contest “rwthCTF 2012” of RWTH Aachen University’s Research Group IT Security. The CTF starts on 30 November at 2pm (CET) and ends on 1 December at 2am.
Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 30 October 2012 at the Lehrstuhl für IT-Sicherheitsinfrastrukturen (chair for IT security infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg . RedTeam Pentesting is glad to be able to again support the University with a presentation and practical expertise.
Patrick Hof was interviewed by the Deutsche Welle for their online article “Cyber attacks turn into a business model” about distributed denial of service (DDoS) attacks against banking IT.
Open positions for penetration testers! More information in the new career section.
The (German) slides for the talk “Sicherheit und Industriespionage – Von technischen und menschlichen Schwächen” given by Patrick Hof at the ESMT Management Update 2012 are available in the publications section.
New advisory released: rt-sa-2012-002: php-decoda: Cross-Site Scripting in Video Tags.
The (German) slides for the talk “Sicherheit und Industriespionage – Von technischen und menschlichen Schwächen” given at IHK Aachen are available in the publication section.
On 25 April 2012 Jens Liebchen will hold a lecture at the Technologieforum IT & Telekommunikation ”Datensicherheit – Wie schütze ich mein Unternehmen” at the IHK Aachen with the topic ”Sicherheit und Industriespionage – Von technischen und menschlichen Schwächen”. Attendance is free, but registration at IHK Aachen is required. The lecture will be held in German.
Jens Liebchen gave an interview to the German online magazine “All About SECURITY” about the topic “Welche Argumente lassen sich für die Begründung eines Pentests heranziehen?” (good reasons for penetration tests).
The slides and paper for the talk “Theoretische und praktische Risiken der Verwendung von URL-Verkürzungsdiensten” given by Alexander Neumann on Februar 22nd, 2012 at the 19. DFN-Workshop “Sicherheit in vernetzten Systemen” can be found in the publications section.
On 22 February 2012, Alexander Neumann will give the talk “Theoretische und praktische Risiken der Verwendung von URL-Verkürzungsdiensten” about the risks of using URL shortening services at the 19th DFN Workshop “Sicherheit in vernetzten Systemen” (security in networked systems) in Hamburg. The talk will be on the second workshop day, 9:30am.
New advisory released: rt-sa-2012-001: Bugzilla: Cross-Site Scripting in Chart Generator.
Two new advisories released: rt-sa-2011-005: Owl Intranet Engine: Authentication Bypass and rt-sa-2011-006: Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes.
Jens Liebchen was interviewed by the radio station DRadio Wissen for the news item “Bundesweiter Penetrationstest” about the German crisis management exercise LÜKEX (Länder Übergreifende Krisenmanagement-Übung) 2011.
Claus Overbeck was interviewed by the German magazine Wirtschaftswoche for the article “Lautlose Attacken aus dem Netz”.
Jens Liebchen will give the talk “Physical Security - Wenn Türen zu Firewalls werden” on 8 November 2011 at the Lehrstuhl für IT-Sicherheitsinfrastrukturen (chair for IT security infrastructures) of the Friedrich-Alexander-Universität Erlangen-Nürnberg and 5 Dezember 2011 at the Fachhochschule Aachen in the course Informationssicherheit (information security). RedTeam Pentesting is glad to be able to again support Universities with a presentation and practical expertise.
RedTeam Pentesting has a new member: Matthias Lederhofer reinforces the team as a new penetration tester.
The fluter Magazine of the German Federal Agency for Civic Education cites Patrick Hof on the topic of penetration tests in the article “Krieg oder Cyberprotest”.
Issue 05/2011 of ADMIN Magazine will include the english translation of an article about physical security written by RedTeam Pentesting, that was already published in the German edition. Release dates are October 7 for the EU, November 11 for the US and December 12 for the australian edition.
Jens Liebchen answers questions about online banking security today at 6:20pm for the German TV show WDR Servicezeit.
RedTeam Pentesting is using a new telephone number. From now on you can reach RedTeam Pentesting via phone at +49 241 510081-0 or via fax at +49 241 510081-99. We are looking forward to your call!
On August 5 2011 at 2:00pm, Alexander Neumann will give a talk about “Exploiting Padding Oracles in Practice” at the IT Security Research Group (in the seminar room) of RWTH Aachen University. Everybody is welcome to join the free talk, though cryptographic knowledge is needed. The talk will be given in German.
In the current edition of the German magazine ADMIN-Magazin an article about physical security written by RedTeam Pentesting was published.
Patrick Hof talks about risks of online banking today at 5:30pm in Das Sat.1 Magazin.
On July 1st, Patrick Hof will hold the workshop “Aktuelle Fälle von Datendiebstahl und wie sie grundsätzlich funktionieren - Hintergrundwissen für Journalisten” at the Netzwerk Recherche’s Jahreskonferenz 2011 in Hamburg.
Jens Liebchen comments on new security measures for online banking for the German TV station n-tv. The interview will be aired on June 10, 2011.
On May 26 2011, Alexander Neumann will give a talk about “Security and Privacy Implications of URL Shortening Services” at the IEEE Symposium on Security and Privacy in the workshop part Web 2.0 Security and Privacy 2011 (W2SP) in Oakland, California.
Two new advisories released: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances, Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface.
RedTeam Pentesting demonstrates for the German TV show MDR Umschau how easy unauthorised persons can break into hotel rooms.
Claus Overbeck of RedTeam Pentesting talked about penetration testing in the interview “Wir brechen tagtäglich ein” with the German WirtschaftsWoche.
RedTeam Pentesting has a new member: Angel Tchorbadjiiski reinforces the team as a new penetration tester.
Two new advisories released: nostromo nhttpd directory traversal leading to arbitrary command execution, SugarCRM list privilege restriction bypass.
Jens Liebchen of RedTeam Pentesting was interviewed for the German article “Das Handy als Autoschlüssel oder Kreditkarte” by the WDR and talks about near field communication.
Jens Liebchen of RedTeam Pentesting was interviewed for the German article “Banken schaffen TAN-Listen ab” by the WDR and talks about new and old risks of online banking.
Jens Liebchen held the talk “Physical Security - Wenn Türen zu Firewalls werden” at the 18th DFN Workshop. The slides from the talk can be found in the publications section.
A video of Claus Overbeck’s talk about “Ten Commandments of IT-Security for WEB 2.0 Startups” is now available at the HackFwd Blog and on Vimeo.
On February 10th, RedTeam Pentesting will give the talk “Physical Security - Wenn Türen zu Firewalls werden” about physical security and its relation to IT security at the 18th DFN Workshop “Sicherheit in vernetzten Systemen” (security in networked systems) in Hamburg. The talk will be on the second workshop day, 10:00am.
Claus Overbeck held a talk about “Ten Commandments of IT-Security for WEB 2.0 Startups” at the HackFwd Build 0.4. The slides from the talk can be found in the publications section.
Jens Liebchen of RedTeam Pentesting was interviewed for the report “Gefahr durch Industriespionage” of the WDR programme WESTPOL. It will be part of the show broadcast on November 14, 2010, at 7:30pm.
On September 2010, RedTeam Pentesting will give the lightning talk “Forgotten JBoss AS exploitation techniques” at the BruCON security conference in Brussels.
On August 31, 2010 RedTeam Pentesting will give the talk “Sicherheit und Industriespionage: Ein Realitätsabgleich” at the event Praktische IT-Sicherheit, Hochschule Bonn-Rhein-Sieg.
The slides plus link collection for the workshop “Un(der)cover - Von der Online-Recherche hin zur gezielten Generierung neuer Informationsflüsse”, held at the Netzwerk Recherche’s annual conference 2010 in Hamburg, are now available under Publications.
On July 9th, RedTeam Pentesting will hold the workshop “Un(der)cover - Von der Online-Recherche hin zur gezielten Generierung neuer Informationsflüsse” at the Netzwerk Recherche’s Jahreskonferenz 2010 in Hamburg.
RedTeam Pentesting will be present at the Informatica 2010 in Aachen on June 25th, 2010. More information is available in Regina e.V.’s program schedule (German).
As of now, a new information page about JBoss Security is available. It also contains the new whitepaper “JBoss AS - Deploying WARs with the DeploymentFileRepository MBean” and scripts for download.
Video of the talk “Bridging the Gap between the Enterprise and You - or - Who’s the JBoss now?”(German), held at Ruhr-Universität Bochum, is now available online.
On April 21, 2010 RedTeam Pentesting GmbH will present the talk “Bridging the Gap between the Enterprise and You - or - Who’s the JBoss now” (in German) at the Bachelor-Vertiefungspraktikum zur Hackertechnik of the Chair for Network and Data Security, Ruhr-Universität Bochum.
The slides from the talk “Peeking into Pandora’s Bochs - Instrumenting a Full System Emulator to Analyse Malicious Software”, held at the Hackito Ergo Sum 2010 security conference, are now online.
RedTeam Pentesting GmbH will be presenting the talk “Peeking into Pandora’s Bochs - instrumenting a full system emulator to analyse malicious software” at the Hackito Ergo Sum IT security conference in Paris (April 08th-10th 2010).
On February 9th, RedTeam Pentesting will give the talk “Emulationsbasiertes Entpacken von laufzeitgepackten Schadprogrammen und darüber hinaus” about emulation based unpacking of runtime packed malware at the 17th DFN Workshop “Sicherheit in vernetzten Systemen” (security in networked systems) in Hamburg. The talk will be on the first workshop day, 4:15pm.
Three new advisories released: Security vulnerabilities in the Geo++(R) GNCASTER NTRIP Caster.
Proof of Concept Code for the TLS Renegotiation Vulnerability published.
The Whitepaper of the talk “Bridging the Gap between the Enterprise and You - or - Who’s the JBoss now” is now available also available in English at the Publications page.
The paper “Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System” is now also available in English.
German press release “Online-Banking: Erfolgreicher Angriff gegen chipTAN comfort-Verfahren” (German) and paper “Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System” published.
RedTeam Pentesting examined the online banking systems iTAN and chipTAN comfort and devised attacks against them for the German TV magazine Planetopia on SAT1. The results will be shown on November 22nd, 2009 at 10:45pm. Full details about all attacks will be published on Monday, November 23rd, 2009 under Publications.
[Update] The video “Vorsicht beim Online-Banking – Wie unsicher ist die neue chipTAN?” can now be watched on the Planetopia website.
[Update] The video is not available anymore.
RTL Télé Lëtzebuerg published a short report about hack.lu 2009, including a part about RedTeam Pentesting GmbH.
The (German) article “Ubiquitous Security – ganz gewöhnliche Angriffsvektoren”, published by SearchSecurity.de is now listed in the “press” section. The article contains commentary by Jens Liebchen of RedTeam Pentesting GmbH.
The slides from the talk “Peeking into Pandora’s Bochs - Instrumenting a Full System Emulator to Analyse Malicious Software”, held at the hack.lu 2009 security conference, are now online.
While attending the hack.lu security conference in Luxembourg, RTL Télé Lëtzebuerg did a short interview with RedTeam Pentesting. It is scheduled to be shown during today’s evening news “De Journal” at 19:30. You can watch it at the RTL Livestream.
RedTeam Pentesting GmbH will be presenting the talk “Peeking into Pandora’s Bochs - instrumenting a full system emulator to analyse malicious software” at the hack.lu IT security conference in Luxembourg (October 28th-30th 2009).
RedTeam Pentesting will present the talk „Bridging the Gap between the Enterprise and You - or - Who’s the JBoss now” at FrOSCon. FrOSCon is a two-day conference about Free Software and Open Source. .
The Whitepaper of the talk “Bridging the Gap between the Enterprise and You - or - Who’s the JBoss now” is now available at the Publications page. It contains detailed descriptions of the attacks presented in the talk.
On June 17th 2009, RedTeam Pentesting will give the talk “Sicherheit und Industriespionage: Ein Realitätsabgleich” (German) at the IHK Aachen. The event happens together with the Verfassungsschutz NRW and the Landesinitiative secure-it.nrw. The central theme of the talk will be examples from penetration tests and real cases of industrial espionage, which point out surprising risk factors.
As of today, RedTeam Pentesting’s website is available in a new design. Following this update, the contents will also be expanded and updated over time.
Four advisories concerning the IceWarp eMail Server released.
On May 19th 2009, RedTeam Pentesting will give the talk „Bridging the Gap between the Enterprise and You - or - Who’s the JBoss now” at the Center for Computing and Communication of RWTH Aachen University. Because of the available time, all attacks can be demonstrated live. Participation is free for everyone interested, only a registration is required.
On May 8th 2009, RedTeam Pentesting is represented with a booth at the 25th anniversary celebrations of the Technology Centre Aachen. Amongst other things, RedTeam Pentesting will show how to eavesdrop on DECT telephones. Visitors are encouraged to bring their own telephones, which will then be examined on-site.
RedTeam Pentesting has a new member: Alexander Neumann reinforces the team as a new penetration tester.
Euregio aktuell mentions RedTeam Pentesting in their article “Europäische Tagung in Aachen” (European conference in Aachen), which happened in the context of the EU project FIN-URB-ACT.
The slides from the talk “Bridging the Gap between the Enterprise and You - or - Who’s the JBoss now” held at the 16th DFN-CERT Workshop in Hamburg are now online.
The slides from the talk “Überraschende Angriffsvektoren: Weit verbreitet, oft übersehen” held at the security day of the open source forum at the CeBIT are now online.
The slides from the talk “Practical Security and Crypto: Why Mallory Sometimes Doesn’t Care” held at the EiPSI seminar at the TU Eindhoven are now online.
On March 04, 2009 RedTeam Pentesting will give a talk at the EiPSI Seminar of the Eindhoven University of Technology with the title “Practical Security and Crypto: Why Mallory Sometimes Doesn’t Care”.
On March 06, 2009 RedTeam Pentesting will give a talk at the CeBIT with the title “Überraschende Angriffsvektoren: Weit verbreitet, oft übersehen” (in German) at the Open Source forum’s security day. The German Linux Magazine will also do a live streaming of the event.
On 17th/18th February 2009, RedTeam is attending the IT Security Gipfel 16 in Berlin.
The slides from the talk “IT-Security in Theorie und Praxis” at the IHK Arnsberg are now online.
On January the 22th 2009, RedTeam Pentesting will give the talk “IT-Security in Theorie und Praxis” at the IHK Arnsberg.
On March 17th, RedTeam Pentesting will give the talk “Bridging the Gap between the Enterprise and You” about vulnerabilities in JBoss AS installations at the 16th DFN Workshop “Sicherheit in vernetzten Systemen” (security in networked systems) in Hamburg. The talk will be on the first workshop day, after the keynote.
The Gründerregion Aachen interviewed RedTeam Pentesting about the risks of Web 2.0 technologies for issue 3/2008 of their news journal “Gründerzeitung”.
RedTeam Pentesting is taking part in the IT Security Gipfel 15 in Berlin.
RedTeam Pentesting will give a talk titled “Bridging the Gap between the Enterprise and You” at the security conference hack.lu 2008 on 23rd October. The talk covers typical vulnerabilities of JBoss installations and their exploitation.
RedTeam Pentesting has grown substantially and moved to new premises within the Aachen Technology Centre. Telephone and Fax numbers remain the same.
On September 24, RedTeam Pentesting will give a (German language) talk titled “IT-Security in Theorie und Praxis - Über ‘harmlose’ Geräte und andere Denkfehler” at the event “Brennpunkt IT-Sicherheit: Risiken - Strategien - Konzepte“ at the Technologiezentrum am Europaplatz in Aachen.
Stern.de published an article (German) about vulnerabilities, that RedTeam Pentesting demonstrated in cooperation with the Independent Centre for Privacy Protection Schleswig-Holstein (ULD).
In collaboration with the Independent Centre for Privacy Protection Schleswig-Holstein (ULD), RedTeam Pentesting revealed on behalf of the german TV show ZDF Frontal21 security vulnerabilities in MFPs (Multi Function Peripherals). The show airs on June the 3rd, 9:00pm.
The Slides of the talk “Penetration Testing - Praxis and Beyond” at the working group Security of the German speaking Bull User Society are now online.
The slides from the talk “Iterative Kompromittierungsgraphverfeinerung als methodische Grundlage für Netzwerkpenetrationstests” at the Sicherheit 2008 security conference are now online.
The slides from the talk “Ubiquitous IT Security - Warum die Firewall nicht schützen konnte” at the Sicherheit 2008 security conference are now online.
On 03/26/08, the german TV station WDR shows in its Servicezeit Familie program a report with RedTeam Pentesting about the dangers of online banking.
At the Sicherheit 2008 (2nd-4th of April 2008) conference we will be giving a talk about a graph-theoretic approach to estimating costs of penetration tests. As a sponsor of the conference we will also be present with a booth.
Two advisories concerning MapBender released.
The slides from the talk “Effiziente Beobachtung von Botnetzen” at the 15th DFN workshop “Sicherheit in vernetzten Systemen” are online.
The german print magazine Focus Magazin publishes a cover story about online banking security in issue 04/2008. RedTeam Pentesting has given an interview.
Claus Overbeck will give a talk about efficient observation of botnets at 15th DFN Workshop “Sicherheit in vernetzten Systemen”.
The slides from the talk “Botspy - Efficient Observation of Botnets” at the hack.lu security conference are online.
The slides for the workshop “Effektive Onlinerecherche im Internet” are online.
RedTeam Pentesting will hold a workshop (in german) on 09/29/07 with the topic “Effektive Onlinerecherche im Internet” (effective online research in the Internet) at the “Zukunftskongress Ethik 2.0 - Schöne neue Online-Welt?” of the Journalistenverband Baden-Württemberg and the DJV-Bundesfachausschuss Online.
Remote command execution in Alcatel-Lucent OmniPCX
All About Security has published an (German) interview with RedTeam Pentesting.
Four advisories concerning ActiveWeb Contentserver CMS released.
Two new advisories:
rt-sa-2007-002: Fujitsu-Siemens ServerView Remote Command Execution
rt-sa-2007-003: Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure
The slides from the German talk at the IHK Aachen (Chamber of Industry and Commerce in Aachen) can be downloaded in the publications area.
RedTeam Pentesting will support the event called IT-(Un-)Sicherheit - Augen zu und durch? Oder Penetrationtests durchführen lassen organized by the German Chamber of Industry and Commerce in Aachen at 03/21/07.
The slides from the German talk “IT-Security aus dem Nähkästchen - oder - »Das kann mir nicht passieren…«” are available for download in the publications section.
At February, the 7th - 8th, there will be a German it-security conference called “14. Workshop “Sicherheit in vernetzten Systemen” in Hamburg. RedTeam Pentesting will give a talk titled “IT-Security aus dem Nähkästchen - oder - Das kann mir nicht passieren…” there.
New articel in German magazin “Der EDV-Leiter” published. The article is available for download here (German PDF).
Dec. the 08th, RedTeam Pentesting will hold a talk about Pentesting. This will take place in the context of the event “IT-Security as a guarantee for success” at the AGIT, organized by ACC-EC.
New Advisory: Authentication bypass in BytesFall Explorer
RedTeam Pentesting held a talk at the Hack.lu 2006 about the cryptochallenge of the Hack.lu 2005. The slides can be downloaded under publications.
RedTeam supports the NRW-Forschungstag IT-Sicherheit. Besides the manifold talks there is a dedicated area with selected exhibitors. The event aims especially at a better co-operation between science and economy and takes place on Wednesday, October 25th, in Aachen. There is no entrence fee.
The German radio station Eins Live did an interview with RedTeam covering the subjects IT security in research and teaching as well as the experience of our daily work. There is an accompanying article in German available under the title “Hacken lernen in Aachen” (“learning to hack in Aix-la-Chapelle”).
The slides from the presentation at the OpenChaos can now be found under publications.
The news article “Studieren in der Grauzone” is linked under press. Die Zeit reports on world’s best hackers from Aachen.
The Chaos Computer Club Cologne e.V. (C4) invited RedTeam to give a talk within their OpenChaos events. The talk with the topic “Hacking for Security - Penetrationtests” will take place on Thursday, August 31st, 08:00 pm local time on the premises of the C4 and is open for everyone. The talk will be held in German.
Vulnerable regular expression in planetGallery discovered.
rt-sa-2006-006: Remote command injection
Two new security advisories regarding phpBannerExchange released: Especially interesting is the circumvention of the eregi()-input-checking using a nullbyte in rt-sa-2006-005 because of a design flaw in PHP.
rt-sa-2006-004: Authentication bypass in phpBannerExchange
rt-sa-2006-005: Unauthorized password recovery in phpBannerExchange
Podcast Clients: Two new advisories released: Prodder Remote Arbitrary Command Execution & Perlpodder Remote Arbitrary Command Execution
Added more information about PenTests
New advisory released: PAJAX Remote Code Injection and File Inclusion Vulnerability
In cooperation with the Center for Computing and Communication of RWTH Aachen University RedTeam will repeat the speech about penetration tests on March, 6nd, at 02:00 pm because of the great demand. The event titled “Hacking for your Security - Penetrationtesting - reloaded” will be in German again and the registration has just started.