Archive for June, 2007

WordPress Vulnerability Scanner

Just a quick note: A new version of my wp-scanner is available.
Check it out at BlogSecurity.
The command line version is no longer supported but is available here by request.

$ perl -x wp-scanner.pl http://testblog/wordpress/

WordPress Scanner starting: David Kierznowski (http://michaeldaw.org)

Using plugins dir: wp-content/plugins

[*] Initial WordPress Enumeration
[*] Finding WordPress Major Version
[*] Testing WordPress Template for XSS

WordPress Basic Results

[...]


Ad-Jacking Affiliate Anchor Tags

This article is part of my concept Ad-Jacking: XSSing for Fun and Profit.
Attacks of the future may utilise Web 2.0 and XSS to propagate worms for profit. The most obvious way to do this is via Ad-Jacking, a term I coined for a category of attacks that utilise a combination of XSS, JSON services and [...]


MD Hacker Anthology Starts Today

The June 2007 Hacker Anthology Competition kicks off today!
Submissions are now being accepted. Good luck.