CSRF with MS Word

Update 28/11: It is interesting to note that MS Word 2003 will actually warn the user. Obviously, someone at Microsoft saw the potential for badness here. Good stuff. Microsoft Word has been plagued with vulnerabilities in the past. Therefore, mail servers often restrict email with the .doc extension. However, with applications like Microsoft SharePoint which […]

SQL Injection Cheat Sheet

Related articles: Input Validation Cheat Sheet (Want to find other input validation problems?) Table of Contents Generic – Bypass Authentication Microsoft SQL Sybase MySQL Oracle PostgreSQL DB2 Ingres Bypass SQL Injection Filters References and Credits ChangeLog Date Change 09/07/07 DB2 Database SQL Injection Cheatsheet(Author: pentestmonkey.net) 09/07/07 Ingres Database SQL Injection Cheatsheet (Author: pentestmonkey.net) 13/03/07 Bypass […]

Projects

WordPress Securify Plugin WordPress Securify (WPSec) is a security plugin for WordPress. Every hour the tests specified within WPSec will be executed. A count of “warnings” is displayed in the top right of the WordPress Admin panel. WordPress Securify ShellScript This project has been split into two parts. The first was a chunky shell script […]

Adobe Universal XSS

Discussion In September pdp and I did some really fun work involving backdooring PDF files. It opened alot of eyes and some back accounts in getting it fixed. Now Stefano Di Paola and Giorgio Fedon have found a way to perform universal XSS attacks on systems with Adobe Reader and Professional installed. Affected Versions According […]

Cross Context Scripting with Sage

Update: http://michaeldaw.org/md-hacks/rss-injection-sage-part-2/ I would often keep abreast of new vulnerabilities and exploits via my RSS feeds. Visiting page after page was just never fun. RSS allowed me to categorise, organise and track the security mayhem on the Internet. What was the point of employing a security analyst who was outdated and outgunned? I decided to […]

RSS Injection in Sage part 2

2 months ago, both pdp any myself released a vulnerability Cross Context Scripting in Sage. This issue was resolved in Sage release 1.3.7 (see: http://mozdev.org/bugs/show_bug.cgi?id=15101). I found a new vulnerability which affects the latest version, Sage 1.3.8. In addition to the XSS vulnerability, it should be noted (as in the previous vulnerability) that this issue […]