Sunday, 19 May 2013

"One does not simply find a DOM-based XSS without JS analysis"

Check out this cool blog from Prakhar Prasad (http://blog.prakharprasad.com/). They set up an interesting XSS challenge that requires code analysis to solve, here: xss.prakharprasad.com (thanks also to MaXoNe, who I think contributed to it).

Saturday, 18 May 2013

CGI-C Shell - PHP disabled functions/Safe Mode Bypass Shell source [Windows/Linux]

When Safe Mode is on, it can be a pain to do what you want to do on the system. Being able to access CGI solves this problem, and here is my implementation of a shell (safe mode bypass) in C for Windows and Linux.

Wednesday, 15 May 2013

Persistent XSS in WYSIWYG module CKEditor below 4.1 - Drupal 6.x 7.x

This persistent XSS vulnerability requires a little bit of social engineering to work; see the report below:

Friday, 10 May 2013

How to shell a server via image upload and bypass extension + real image verification

During a website audit, upload forms and other interactive 'user-content' driven facilities are often found to be protected by client-side and/or server-side security checks. This tutorial presents the methods that can be used to circumvent these security checks. In this case we're specifically considering image uploads that allow JPG files.