Archive for May, 2007
XSS for Fun and Profit
Ad-Jacking part 1
Ad-Jacking is a term I coined for this article to categorise covert Ad hacking schemes. Why Ad-Jacking, well because thats effectively what we are doing.
Understanding this paper requires us to have a little understanding around
what types of Ads make us money. So firstly let us go over the current Ad
system; the following table [...]
Web Backdoors Getting Better
pentestmonkey sent me a link to his latest projects, “php-reverse-shell” and “perl-reverse-shell”. He has some great ideas here and I will definately be taking a look at these projects, and hope to add them to the Web Backdoor Compilation in an upcoming release.
There is still alot of work that needs to be done in this [...]
June 2007 Hacker Anthology Competition
Competition Summary
Title: June 2007 Hacker Anthology Competition
Opens: 1 June 2007
Closing date: 1 September 2007
Results: 10 September 2007
Judges: DK, JJ and x1 TBC
Overview: Anything goes, so long as it is well written, includes Michael Daw and of course HACKING! The story does not have to be technical in nature but well conceived.
Questions: Any queries can be [...]
BlogSecurity.net gets Launched
After recognising the need, and taking hints from KaiTou’s sarcasm :), I am happy to announce the launch of http://blogsecurity.net.
BlogSecurity is a site dedicated to providing useful and critical security information for the blog community. We understand that it is difficult to keep track of the latest security vulnerabilties and version updates, and [...]
WordPress Adsense Deluxe Vulnerability
David Kierznowski of Operation n has discovered some serious flaws in the WordPress Adsense Deluxe plugin as part of the WordPress Angel Project. The vulnerability(s) affect all versions.
This vulnerability reminds me of the the old Hacker movies, where a worm is released that steals random pennys from unsuspecting victims. This vulnerability is the closest I [...]
