Recent Posts

Categories

Archives

MySql default [insecure] installation in debian

April 12, 2007

i recently updated my MySql server and i am currently using the version.5.0.38-Debian_1-log If you ever wondered how MySql saves data on your hard disk, then this is best explained here. I will quote from the same website “Each database is a directory, with each table stored in a separate… Read More

Abusing Trackback utility

April 7, 2007

I was researching a bit into the wordpress trackback utility. This is how it works: You submit a post with trackback urls, and when you publish the post, the wordpress sends out a request to the URL you mentioned in the trackback URLs. Essentially this happens in the background. You—–>… Read More

WordPress 2.1.2 xmlrpc Security Issues

April 3, 2007

WordPress 2.1.2 xmlrpc Multiple Vulnerabilities: Affected Versions: These issues were reported in version 2.1.2,(current stable version) and its very likely that previous versions may also be vulnerable. 1. Privilidge Escalation: Under normal circumstances (through web interface) a user in contributor role only has access to following functions: a. read b.… Read More

Insecure Php coding

March 20, 2007

While testing a web application today, i noticed an unusual 302 HTTP response. Normally a 302 response just has a header and no html code, becuase its meant to be redirecting you to the page cited in the ‘Location’ field of the http header.� The 302 response had the html… Read More

Cookie Analysis

March 18, 2007

Webscarab is perhaps the only tool i can think of for this. I use this tool to figure out whether the session ids are predictable or not. The ‘visualisation’ feature is just great. Although the interface is not a very well designed and if you are a new user you… Read More