Call: 020 3095 0500
Twitter Linked In YouTube
Securing your business, together

More about Pen Test Partners ▾

Using hexdump analysis for firmware extraction: A how-to

Posted on Monday, October 20th, 2014 by David Lodge.

Introduction This week I’m going to go into (drum roll please) firmware extraction! A thrilling subject at the best of times, which I’m sure you’ll agree is just the thing to read whilst weeping into your microwaved meal at your solitary existence. Why would you want to extract firmware from a device in the first […] Read More

Efficient Password Cracking Where LM Hashes Exist for Some Users

Posted on Friday, October 17th, 2014 by Jamie Riden.

Sometimes you end up with a great many Windows domain passwords that need cracking – either because you have compromised the domain controller and exported them yourself, or because the client has asked you to perform a password audit and has supplied the database to you themselves. As you know, LM hashes are insecure, and […] Read More

Critical SQL Injection Vulnerability in Drupal 7.0-7.31

Posted on Thursday, October 16th, 2014 by Jamie Riden.

Stefan Horst of SektionEins discovered a critical SQL injection vulnerability in Drupal 7. All users on versions prior to 7.32 are encouraged to update as soon as possible. As everything needs a name this one has the grand/ridiculous title of “Drupalgeddon”. It appears that the impact/s could be quite severe – a worst case scenario […] Read More

<< Older posts