Hacking Play-to-Earn blockchain games: the case of Manarium

This post provides an overview of hacking play-to-earn blockchain games and common security pitfalls affecting P2E. It explains in detail how several vulnerabilities were discovered in a P2E game named Manarium.
Love letters from the red team: from e-mail to NTLM hashes with Microsoft Outlook

A few months ago Will Dormann of CERT/CC published a blog post [1] describing a technique where an adversary could abuse Microsoft Outlook together with OLE objects, a feature of Microsoft Windows since its early days, to force the operating system to leak Net-NTLM hashes. Last year we wrote a blog post [2] […]
Jury.Online smart contract security audit

This blog post presents the results of a security audit of a smart contract performed by Blaze Information Security, and made public on behalf of the client Jury.Online. This post contains the very same information and findings present in the report released at the end of March 2018. The audit was performed by Victor […]
ANNI tokens smart contract security audit

This blog post presents the results of a security audit of a smart contract performed by Blaze Information Security and made public on behalf of the client Array.io (formerly known as Annihilat.io). This post contains the very same information and findings present in the report published at the end of December 2017. The audit […]
Fuzzing proprietary protocols with Scapy, radamsa and a handful of PCAPs

As security consultants, we act as hired guns for our clients to perform black-box security testing of applications. Oftentimes we have to assess the security of applications that use their own proprietary schemes for communication, instead of relying on conventional protocols such as HTTP. Recently we were faced with a short-term engagement that involved […]
Practical attacks against GSM networks (Part 1/3): Impersonation

The Global System for Mobile Communications (GSM) is a mobile technology and the most popular standard for mobile phones worldwide. Originally known as Groupe Spécial Mobile, GSM came out of the CEPT (Conférence des Administrations Européennes des Postes et Télécommunications), which in 1982 worked to develop a standard for European digital cellular telecommunications. In […]
Turning Burp Scanner vulnerabilities into Splunk events

Splunk is a fully featured, powerful platform for collecting, searching, monitoring, and analyzing machine data. It is widely used by Security Operation Center (SOC) teams to provide advanced security event monitoring, threat analytics, incident response, and cyber threat management. Burp Suite is a must-have web application attack proxy tool used by security analysts around […]
A survey on the usage of HTTP security headers in Brazil and Estonia

In recent years a number of security-oriented client-side controls for web browsers have appeared on the scene in the form of security headers. These headers can be used to improve the security of the user experience when interacting with a web application with little additional effort and negligible performance overhead — essentially, they can serve as […]