Computer Security, Denial of Service, Network Security, News, Web Security
I was at the CCC (28C3) congress in Berlin recently. Where the two researchers Alexander ‘alech’ Klink and Julian ‘zeri’ Wälde disclosed a DoS vulnerability affecting about all programming languages in the way they utilize hashtables. Funny thing is, most server technologies, PHP, ASP (.NET), Java variants, Pyhon (django) etc, all appear to be vulnerable to different variants of the attack. It consists of abusing the hashtable datastructure(s) in a way…
More+
Hidden ASCII (Art)
By Fredrik Nordberg Almroth
|
|
Pointless
What have been seen, cannot be unseen.
More+
Anti Alphanum PHP Shell
By Fredrik Nordberg Almroth
|
|
Pointless, Web Security
After my release about the Tiny PHP Shell, Mr. Gareth Hayes @ The Spanner made a non-alphanumeric variant. I got inspired by his nifty script and started researching further. My main plan was to create an array of data with different values in order to have something to work with. So my first shot was this: @$_[]=@!+_; PHP will try to parse the green underscore as a constant, when the interpreter…
More+
Advise
By Anonymous
|
|
Dreamhack, News, Pointless
Dear Rikspolisstyrelsen,
While examining our server logs we noticed that you are accessing our webpage.
It’s nice to see that you are interrested in IT security.
However, we also noted that you are running an old web browser version that has several published exploits against it.
More+
Send POST data to an embedded br (jQuery/javascript)
By Jelmer de Hen
|
|
Documentation
Some time ago I was in the need for a way in javascript to send a POST data to a file and load it’s contents in br format, the contents were in the form of application/PDF and the PDF would vary from what I would send in my POST values. Non-challenging as it sounds it still took me some time to figure out – not a problem should be solved…
