Archive for the ‘Hacks and Bugs’ Category

Making Digg Attack Sites For You

Sunday, July 6th, 2008

People have hacked Digg before. This guy found an XSS injection that allowed him to force users to Digg his articles. Digg happily patched the problem and went on with their business. However, there is another problem with Digg that has to do with their content parsing system. The difference ...

Hacking Video Surveillance Systems

Monday, June 23rd, 2008

Introduction: Most of us have seen movies where the thief takes control of a video camera and shuts it down or switches it to a fake feed with his laptop. It's not just fiction, and this article will show you how to do it. By video surveillance systems I refer to ...

Leaving the Back Door Open: File Permissions in WordPress

Monday, June 9th, 2008

Some people might say that the difference between a seasoned hacker and a script kiddie is that the script kiddie will take a vulnerability from someone else, and a hacker will find the vulnerability himself. There is another difference that is crucial to a seasoned hacker. A seasoned hacker will ...

If Your Domain is in This Post, You Might Have Been Hacked

Monday, May 26th, 2008

Any experienced admin will tell you that it is very easy to figure out which lines in an HTTP log are hack attempts and which are not. If you don't know, you're about to find out. It is actually normal to find very large amounts of malicious traffic in your ...

Prevent SQL Injection in Php (OWASP Tutorial)

Saturday, May 3rd, 2008

Today's post will include 3 different languages: HTML, PHP and SQL. There is a MySQL database, a PHP backend and an HTML form to try out different injections, as well as a sample injection and vulnerable/patched code. We'll start off by making a sample table in MySQL: [sourcecode language='sql'] CREATE TABLE `example`.`users` ( `id` ...

Preventing XSS in Perl

Wednesday, April 30th, 2008

Last time we covered XSS in PHP. What about Perl? It turns out there's an even more in-house solution to XSS in Perl, because it has been used so long for CGI. We'll use the same basic example. [sourcecode language='html'] alert('XSS!'); [/sourcecode] This is the XSS attack. [sourcecode language='html'] This script is vulnerable to ...

Prevent XSS in Php with the Owasp Sanitize Library

Wednesday, April 30th, 2008

If you're at all new to web development, it's possible that you haven't heard of XSS. Maybe you have heard of it, but you don't know the technical details? This article will shed some light on the basics of coding against XSS in PHP, with vulnerable and patched code examples, ...