Tuesday, June 23rd, 2009
For several years, Cross-Site Scripting (XSS) attacks have plagued many of the web’s most popular sites and victimized their users. At Mozilla, we’ve been working for the last year on a new technology called Content Security Policy, designed to shut these attacks down. We wanted to give a bit of ...
Posted in Coding, Internet, Security | No Comments
Monday, June 22nd, 2009
I was contacted privately about this, so I thought I would post a step-by-step guide on how to capture keystrokes from a target machine using Metasploit.
Instead of posting a ton of screenshots, I will provide the commands in text below, step-by-step:
msf > use exploit/windows/smb/ms08_067_netapi (only an example - use whatever ...
Posted in Privacy, Security | 4 Comments
Thursday, June 18th, 2009
Researchers have built a tool that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications.
The so-called Ardilla tool uses a technique developed by the researchers -- MIT's Adam Kiezun, the University of Washington's Michael Ernst, Stanford's Philip Guo, and Syracuse University's Karthick Jayaraman -- that creates ...
Posted in Coding, Internet, PHP, Security, Software | No Comments
Thursday, June 18th, 2009
Yesterday an interesting HTTP DoS tool was released. The tool performs a Denial of Service attack on Apache (and some other, see below) servers by exhausting available connections. While there are a lot of DoS tools available today, this one is particularly interesting because it holds the connection open ...
Posted in Internet, Linux, Security | No Comments
Wednesday, June 17th, 2009
Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark 1.2.0 has been released. This is the new stable release branch of Wireshark and many new and exciting features have been added since 1.0 was released.
In ...
Posted in Internet, Networking, Security, Software | No Comments