WordPress SQL column truncation vulnerability
This vulnerability, published some days ago, lets an attacker create a duplicate “admin” user and recover the legitimate “admin” password. SQL column truncation is an attacking...
SCADA Security
It is interesting to see how security research is a kind of living being. Almost by nature, security researchers focus their efforts on whatever is more familiar to them, resulting in a vast amount of...
MS vulnerabilities and worms
Time between vulnerability disclosure and worm spread has been drastically reduced. The MS08-067 vulnerability was published some hours ago. Microsoft rated this vulnerability as critical, as a...
Exploiting SQL injection vulnerabilities with Metasploit
In this post we are going to show how to exploit a SQL injection vulnerability on a web application using Microsoft SQL server backend where xp_cmdshell is available to the attacker. Given a...
CVE-2011-3368 PoC – Apache Proxy Scanner
A recent Apache vulnerability has been made public whereby an attacker could gain unauthorised access to content in the DMZ network: The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42,...
CVE-2011-4107 PoC – phpMyAdmin Local File Inclusion via XXE injection
An interesting local file inclusion vulnerability has been recently published. An XXE (XML eXternal Entity) injection attack, which affects phpMyAdmin 3.4.x previous to 3.4.7.1 and 3.3.x previous to...
FortiOS Remote Access Web Portal – XSS Vulnerability
Overview: Fortinet delivers a comprehensive portfolio of security gateways and complementary products. FortiGate platforms integrate the FortiOS™ operating system with FortiASIC™ processors and the...
Stacked based MSSQL blind injection bypass methodology
If you have a blind SQL injection you are already in a good position. Exploitation however, depending on the type of the blind SQL injection, can take time. This post is part of a methodology used for...
How easy would it be for a cyber criminal to gain control of a plane in mid-air?
The disappearance of flight Malaysia Airlines MH370 has raised questions about why it is taking authorities so long to find out the aircraft’s location – with lots of people asking ‘why don’t they just...
Reverse Engineer Router Firmware – Part 1
This series will follow the process of reverse engineering router firmware with the purpose of discovering any vulnerabilities that could be used either remotely or locally to compromise the router. In...