Vulnerabilities in Tightrope Media Systems Carousel <=7.0.4.104 (and likely newer)

While on a recent penetration test, I discovered a digital signage system made by Tightrope Media Systems (TRMS). The client was using this software on an appliance provided by TRMS, which was essentially an x86 Windows 10 PC. I was able to gain access to the web interface of this system due to an unchanged default

Converting a Cheap ($2) ST-Link v2 Clone into a Hardware GPG Key

Several weeks back, I decided to re-explore the concept of hardware devices for storing GPG keys.  The Yubikey Neo, 4, and 5 all have this functionality (with varying key-length options depending on the model), but these devices are not inexpensive ($40+, though Wired magazine has been running a deal for the past several months where

Fix for Cron Failing on VMware vCenter Server Appliance (VCSA) 6.5

When trying to enable scheduled jobs via cron on VMware VCSA 6.5 I kept seeing the errors below, and my job would not run.

2017-04-19T09:56:01.996673-04:00 VCSA crond[104661]: PAM _pam_load_conf_file: unable to open config for password-auth
2017-04-19T09:56:01.996797-04:00 VCSA crond[104661]: PAM _pam_load_conf_file: unable to open config for password-auth
2017-04-19T09:56:01.996907-04:00 VCSA crond[104661]: PAM _pam_load_conf_file: unable to open config for

Nginx (Reverse SSL Proxy) with ModSecurity (Web App Firewall) on CentOS 7 (Part 1)

Today I’ll demonstrate how to install the Nginx webserver/reverse proxy, with the ModSecurity web application firewall, configured as a reverse SSL proxy, on CentOS 7.  This is useful in scenarios where you are terminating incoming SSL traffic at a centralized location and are interested in implementing a web application firewall to protect the web servers
