IDS Bypass contest at PHDays: writeup and solutions

Positive Hack Days 2019 included our first-ever IDS Bypass competition. Participants had to study a network segment of five hosts, and then either exploit a service vulnerability or meet a particular criterion (for example, send a certain HTTP response) in order to get a flag. Finding an exploit was easy, but the IDS complicated things as it stood between the participants and the hosts, checking … Continue reading IDS Bypass contest at PHDays: writeup and solutions

WAF Bypass at PHDays VII: Results and Answers

Continuing the tradition of past years, the WAF Bypass contest was held at last month\’s PHDays. Participants tried to bypass PT Application Firewall protection mechanisms in order to find special flags accessible through vulnerabilities specially left in web applications. In a series of challenges, the organizers disabled different features of PT Application Firewall, leaving a \”way in\” for participants to take advantage of. The focus … Continue reading WAF Bypass at PHDays VII: Results and Answers

PHDays VI: WAF Bypass Contest

The WAF Bypass competition, now an annual event held during Positive Hack Days, an international forum on information security, was organized in May this year as well. The contest’s participants attempted to bypass the security checks of PT Application Firewall that protected vulnerable applications. Positive Technologies specialists had introduced configuration errors that allowed some bypassing of the system. The goal of each task was to … Continue reading PHDays VI: WAF Bypass Contest

WAF Bypass at Positive Hack Days V

As it did last year, the PHDays forum on information security hosted WAF Bypass this year as well. The contest\’s participants tried to bypass the protection of PT Application Firewall, Positive Technologies\’ product. For this contest, the organizers developed the site Choo Roads, which contained common vulnerabilities, such as Cross-Site Scripting, SQL Injection, XML External Entities Injection, Open Redirect. Upon exploiting one of the vulnerabilities, … Continue reading WAF Bypass at Positive Hack Days V

Schneider Electric Thanks the Winner of the Positive Hack Days Hacker Contest

Early April, Schneider Electric has released several updates and patches fixing vulnerabilities in the software used for creating SCADA and HMI systems at nuclear power plants, chemical plants and other critical units. The vulnerabilities which even a novice attacker could exploit were found in InduSoft Web Studio 7.1.3.2, InTouch Machine Edition 2014 7.1.3.2 as well as previous versions of these products. Among bugs fixed — … Continue reading Schneider Electric Thanks the Winner of the Positive Hack Days Hacker Contest

Review of Hash Runner Tasks

Intro This year, Hashrunner had been taking place during three days before Positive Hack Days — from May, 16 19:00 (UTC+4, Moscow) till May, 19 19:00 (UTC+4, Moscow). Among other matters, we were trying to respect the interests of all geographically dispersed teams and cover 48 hours of two weekend days for every time zone. We received great positive feedback about including the whole weekend … Continue reading Review of Hash Runner Tasks

Review of Competitive Intelligence Tasks

Today we\’d like to speak about certain practical aspects of confidential data gathering in terms of tasks of the online contest Competitive Intelligence, which was held during May 15, 16 and 17. This time tasks were more difficult as compared to the last year\’s contest. A competitive intelligence researcher needs a great number of different skills and should be able to handle various tools and … Continue reading Review of Competitive Intelligence Tasks

Gaining Control Over Cloud Infrastructure. Easy as One, Two, Three

Several months ago the Positive Research Center analyzed security of Citrix XenServer. Among other things, we studied the security of administration interfaces, and web interfaces of various system components in particular. As a result, we managed to find several critical vulnerabilities, which allow obtaining control not only over these components but over the master server as well, that is over the whole cloud infrastructure. The … Continue reading Gaining Control Over Cloud Infrastructure. Easy as One, Two, Three