Matasano Domain S3 Takeover

Readers will recall Matasano Security as the company co-founded by Thomas Ptacek, Dave Goldsmith and Jeremy Rauch.  The industry history behind the founding of @stake, the acquisition by Symantec and later formation of iSEC Partners and Matasano Security is rich and a worthy reading endeavor, but I digress.

It's been quite a few years since the 2012 acquisition of Matasano Security by NCC Group.  While I'm unsure of who is maintaining what these days, both cryptopals and microcorruption, exercises originally developed and maintained by Matasano Security, are still hosted and actively in use.

In fact, I was just watching Dave Aitel solve some of these challenges live and noticed something interesting.  There was a link to the careers page of Matasano Security, which returned this gem.

Looks as if NCC Group has lost track of their web property.  They are still the owner of the domain via whois, but it appears the S3 bucket that was backing the site no longer exists, so the DNS record now points at a bucket name nobody owns.
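The dangling state described above (DNS still pointing at an S3 endpoint, bucket gone) is exactly what an asset inventory should flag before anyone else notices. The following is an added example, not code from the original post or from NCC Group: it walks a constructed list of CNAME records, picks out the ones targeting S3 endpoints, and classifies the response each hostname returns using the documented S3 XML error format (`<Error><Code>NoSuchBucket</Code>`). The hostnames, record targets and response bodies are all constructed sample data, and the `fetch` callback is injected so the audit runs offline here and can be pointed at a real HTTP client in practice.

```python
import re
import xml.etree.ElementTree as ET

# Hostnames an S3-backed site's CNAME/ALIAS record may target (assumption: the
# standard public AWS partition; other partitions use different DNS suffixes).
S3_HOST_RE = re.compile(
    r"(?:^|\.)s3(?:-website)?(?:[.-][a-z0-9-]+)?\.amazonaws\.com\.?$", re.I
)

# Constructed sample zone data: (hostname, CNAME target). Hypothetical names.
SAMPLE_RECORDS = [
    ("careers.example.com", "careers.example.com.s3-website-us-east-1.amazonaws.com"),
    ("docs.example.com", "docs.example.com.s3.amazonaws.com"),
    ("www.example.com", "d111111abcdef8.cloudfront.net"),
]

# Constructed sample bodies following the documented S3 error XML layout.
NO_SUCH_BUCKET_BODY = (
    "<Error><Code>NoSuchBucket</Code>"
    "<Message>The specified bucket does not exist</Message>"
    "<BucketName>careers.example.com</BucketName></Error>"
)
ACCESS_DENIED_BODY = (
    "<Error><Code>AccessDenied</Code><Message>Access Denied</Message></Error>"
)


def points_at_s3(target):
    """True when a record target is an S3 REST or static-website endpoint."""
    return S3_HOST_RE.search(target) is not None


def s3_error_code(body):
    """Extract <Code> from an S3 XML error body, or None if it is not one."""
    try:
        root = ET.fromstring(body.encode() if isinstance(body, str) else body)
    except ET.ParseError:
        return None
    if root.tag != "Error":
        return None
    return root.findtext("Code")


def classify_s3_response(status, body):
    """Classify what the S3 endpoint answered for a hostname.

    'dangling': name still routes to S3 but no bucket exists for it; the
                record must be removed or the bucket recreated by the owner.
    'served'  : content came back; the bucket exists (verify it is yours).
    'exists'  : bucket present but not public (e.g. AccessDenied).
    'unknown' : anything else; inspect by hand.
    """
    if status == 200:
        return "served"
    code = s3_error_code(body)
    if status == 404 and code == "NoSuchBucket":
        return "dangling"
    if code is not None:
        return "exists"
    return "unknown"


def audit(records, fetch):
    """Return (hostname, target, verdict) for every record that points at S3.

    `fetch(hostname)` must return (status, body); it is injected so the audit
    can run against constructed responses as well as a real HTTP client.
    """
    findings = []
    for host, target in records:
        if not points_at_s3(target):
            continue
        status, body = fetch(host)
        findings.append((host, target, classify_s3_response(status, body)))
    return findings


def dangling_hosts(records, fetch):
    """Only the hostnames whose backing bucket is missing."""
    return [h for h, _, verdict in audit(records, fetch) if verdict == "dangling"]


def fake_fetch(host):
    """Constructed stand-in for an HTTP GET against the hostname."""
    return {
        "careers.example.com": (404, NO_SUCH_BUCKET_BODY),
        "docs.example.com": (403, ACCESS_DENIED_BODY),
    }.get(host, (200, "<html>ok</html>"))


if __name__ == "__main__":
    for host, target, verdict in audit(SAMPLE_RECORDS, fake_fetch):
        print(f"{verdict:9} {host} -> {target}")
```

The "dangling" verdict is the one that matters operationally: the fix is either to delete the DNS record or to recreate the bucket under the owning account, and either should happen before the record is discovered by someone else. Running the audit on every zone change (rather than once) is what catches the case the post describes, where the bucket disappears years after the record was created.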

Of course, I quickly created the S3 bucket...

While I opted for a very mild cowsay troll, there are probably some really fun ways to make this takeover impactful through 'Bug Alchemy' (i.e. taking seemingly bad bug(s) and turning them into gold via augmented targeting, tooling, combining ancillary capabilities, etc).

I reached out to NCC Group with the details of this issue and they took back control over the property in about 18 hours.  I really appreciated their open and quick communications.
