This week, we discuss the lack of information and where you might find more information about certain vulnerabilities. Seems like many companies fail to give out necessary and actionable information without paying an arm and a leg.

We also go over our DerbyCon CTF walkthrough, and discuss the steps to solve it.

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-030-vulnerability_OSINT-derbycon_CTF_walkthrough.mp3 

Ms. Berlin is going to be at Bsides Wellington!  Get your Tickets NOW!

https://twitter.com/bsideswlg

https://www.bsides.nz/

RSS: http://www.brakeingsecurity.com/rss

Youtube Channel:  https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw

#iTunes Store Link:  https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2 

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

Join our #Slack Channel! Sign up at https://brakesec.signup.team

#iHeartRadio App:  https://www.iheart.com/show/263-Brakeing-Down-Securi/

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/

--show notes--

NCC group talks in Seattle

NIST guidelines - no security questions, no SMS based 2fa

Vuln OSINT

Sites have information like Spokeo…

Breadcrumbs

Take Java for example (CVE-2017-10102): info is sparse

Other sites have more

https://tools.cisco.com/security/center/viewAlert.x?alertId=54521 - worse than Oracle’s site (impressive crappery)

Some are better: RHEL is fairly decent

https://access.redhat.com/errata/RHSA-2017:2424

Ubuntu has some different tidbits

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-10102.html

Arch has info

https://security.archlinux.org/CVE-2017-10102

Point is, just because you use a specific OS, don’t limit yourself… other OSes may contain more technical info. Some maintainers like to dig, like you.

https://vuldb.com/ - gives value of finding such a PoC for a vuln (5-25K USD for 2017-10102)

Derbycon CTF walkthrough

Looking for an instructor for an ‘intro to RE’ course.

Dr. Pulaski = Diana Maldaur

Dr. Crusher = Gates McFadden