Georgi Guninski Retires

Georgi Guninski sent an email to Full Disclosure today, announcing that he will be retiring from the public security scene. Pre-empting the question of why, he writes, if one needs to ask for a reason: got old, got somewhat tired. Georgi has made excellent contributions to the security community for some time now. He has […]

Hacking HomePlug Networks

I don't know whether HomePlug networks are growing in use or not, but the following statements caught my attention: Officials at Intellon, the chip maker that developed the HomePlug spec, say that hacking into a HomePlug network would require cracking the government's DES encryption standard. – link My favourite: HomePlug specification products also protect data […]

AVs prove less-effective

Last year I started working on the Web Backdoor Compilation (WBC). The idea behind the project was the following: A tool to aid penetration testers and web developers with security testing document management applications. Recently I made a pre-v2 release of the tool, which has received even more feedback than the previous version and the […]

Getting Certified (Part II): Security Certs

Well, what about security certifications? There are useful guides to certifications at about.com and dmiessler.com. Arguably, the better internationally known certifications listed are CISSP and SCNP. One recent addition into this arena is the Certified Ethical Hacker (CEH). Their course outline provides a very good background on what you should know as a security tester. […]

Web Backdoor Compilation

Web Backdoor Compilation (wbc)
DK (http://michaeldaw.org)

Changelog

Date         Change
24 Apr 07    Anti-Virus Capabilities (Work done by Dancho Danchev)
14 Apr 07    Version 1b (pre 1.2 release): perlcmd.cgi, cfexec.cfm, cmdasp.aspx
Dec/06       Version 1 release.

I have collected some WEB backdoors in the past to exploit vulnerable file upload facilities and others. I think a library […]

WordPress Adsense Deluxe Vulnerability

David Kierznowski of Operation n has discovered some serious flaws in the WordPress Adsense Deluxe plugin as part of the WordPress Angel Project. The vulnerabilities affect all versions. This vulnerability reminds me of the old Hacker movies, where a worm is released that steals random pennies from unsuspecting victims. This vulnerability is the closest […]

WordPress Persistent XSS

Vulnerability Title: WordPress Persistent XSS
Author: David Kierznowski
Homepage: http://michaeldaw.org
Software Vendor: WordPress Persistent XSS
Versions affected: Confirmed in v2.0.5 (latest)

WordPress is a popular open source blogging software. A persistent XSS vulnerability has been found in WordPress (to be honest I have found a few problems and hope to publish these soon). This issue […]

WordPress template.php Exploit

It's been a few days since the release of: http://michaeldaw.org/md-hacks/wordpress-persistent-xss/. Other references: http://www.securityfocus.com/bid/21782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6808 Time to release a proof of concept exploit for this. I am sure the crackers will already be exploiting this in the wild. If you remember from my original advisory, our attack was limited due to our attack being passed through […]