  • Hacme Casino v1.0 Released

    "Hacme Casino is an online casino, built with Ruby on Rails, with plenty of AJAX functionality. It has security vulnerabilities baked-in, and is meant to help educate developers and testers about web application security in the context of new technologies. If you are interested in the security aspects of Ruby on Rails and AJAX, give…

  • Pentagon hacker says charges have been manufactured

    "The hacker at the centre of an extradition storm after he broke into the US Military and NASA computer systems has said the charges against him in the US have been manufactured to ease his extradition there. "For it to be extraditable under their computer laws in America you have to have caused $5,000 worth…

  • Stealing User Information Via Auto Form Filling

    Rsnake has an interesting blog entry (yes it's a few days old, I don't read it daily, so whatever) regarding utilizing XSS to steal auto form fill values. "Some (not all) automated input automation tools do so blindly. That is, they don't ask for user input when they input data. In fact they don't really…

  • Frontpage takes down superhacker

    "Kevin Mitnick, the notorious former hacker turned security consultant and tech celebrity, has been targeted by Pakistani crackers in a series of website defacement attacks. Four websites associated with Mitnick's various ventures were sprayed with digital graffiti on Monday in an apparently personal attack. The sites defensivethinking.com, mitsec.com, kevinmitnick.com and mitnicksecurity.com (which all run…

  • Accessing Java Clients with the BeanShell

    "Assessing the security of Java applications, and particularly client-server applications, can be a tedious process of modifying the code, compiling, deploying, testing and repeat. This becomes even more difficult when the source code to the application is not available. What security testers require is an easy means of interacting with the internals of a…

  • Ruby On Rails Mandatory Security Patch Issued

    "We're still hard at work on Rails 1.2, which features all the new dandy REST stuff and more, but a serious security concern has come to our attention that needed to be addressed sooner than the release of 1.2 would allow. So here's Rails 1.1.5! This is a MANDATORY upgrade for anyone not running on…

  • Microsoft Team RSS Blog discusses more RSS Risks

    The Microsoft guys started a blog entry regarding my Black Hat talk/whitepaper. "We designed and implemented the RSS features using the principles of the Secure Development Lifecycle as embraced by Microsoft. One of the principles is defense in depth. The idea being, even if script somehow were to sneak by the first layer of defense,…

  • Mod_python 3.2.10 Released

    "The Apache Software Foundation and The Apache HTTP Server Project are pleased to announce the 3.2.10 release of mod_python. Mod_python 3.2.10 is considered a stable release, suitable for production use. Mod_python is an Apache HTTP Server module that embeds the Python language interpreter within the server. With mod_python you can write web-based applications in Python…

  • Feed Injection in Web 2.0: Hacking RSS and Atom Feed Implementations

    This is a copy of the slides I used at my Black Hat 2006 talk and a link to the paper accompanying it. Zero Day Subscriptions: Using RSS and Atom Feeds As Attack Delivery Systems (PowerPoint) Feed Injection in Web 2.0: Hacking RSS and Atom Feed Implementations (Remote Copy)

  • RSS and Atom Security risks whitepaper is out!

    I started researching RSS and Atom feed vulns last September but got distracted for 6 months or so with work/life. I've written a basic paper discussing the issues relating to Cross Site Scripting and web-based feeds. I cover the risks associated with the following types of readers: * Web Based Readers (such as Bloglines)…