Security

I just have to ask you this: Are security bugs just normal bugs? Or should they be treated specially?

The reason I ask is a statement made by Linus Torvalds in a discussion on the Linux kernel mailing list just a few days ago.

So I personally consider security bugs to be just "normal bugs". I don't
cover them up, but I also don't have any reason what-so-ever to think it's
a good idea to track them and announce them as something special.

Today, I released version 0.8-dev of Munin, my PHP application firewall.

Munin 0.8-dev is available for download here.

I just posted this to Bugtraq, so I'll post it here too.

------------------------------------------------------------------------
Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search
------------------------------------------------------------------------

Author: Audun Larsen (larsen at xqus dot com)
Date: Dec 29, 2007

--AFFECTED SOFTWARE--------------------------

Name: phpWebSite
Version: 1.4.0
Release date: Dec 11, 2007

Developed by the Web Technology Group at Appalachian State University,
phpWebSite provides a complete web site content management system ( CMS ).

I often find myself needing to create an md5/sha256 hash for various reasons. Most of the time I use Google to find a JavaScript tool that I can use. This is fine, but a bit inconvenient, so I decided to create a little script that can create all sorts of hashes from a string.

phpSysInfo 2.5.4 was released yesterday, to fix a security issue.

The latest release of phpSysInfo can be downloaded here.

One of the new wonders in PHP 5.2 is the filter extension. This extension has just seven functions, but still provides an extremely powerful way of handling user input.

One of my most popular posts is one from 2005 about regenerating session IDs in PHP.
Because of this I thought it was about time I wrote an updated post about this topic.

Why should I regenerate the session ID?
One reason. To prevent session hijacking.
Session hijacking is when a hacker gets to know a user's session ID, and uses it to pretend to be that user.

This is probably old news for any HD-DVD fans, but anyways.

On April 30, 2007 the encryption key for the HD-DVD leaked from an unknown source. The key will make it possible to play a protected HD-DVD on any player on any OS (Linux, anyone?). It will also open up for the creation of programs analogous to DeCSS for DVDs.

09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-C0

Here is a simple proof of concept cookie stealer.
To use it you have to exploit an XSS vulnerability and insert (for example) the following code.

I'm obsessed with XSS, I can't help it. Whenever I stumble upon a new site I test it for common XSS attacks.
The really scary thing here is that most sites are in fact vulnerable. Usually I send the webmaster an e-mail, and I get a "thank you very much" back.

Some weeks ago while trying to log in to my online bank, I entered the wrong account number and an error message was returned. I noticed that the account number I entered the first time was used as the field value on the new login screen. I couldn't help it, and tried with one of the most common XSS payloads: ">.