Archive for the ‘Code’ Category

Gruyere is a vulnerable application that can be used to learn and understand web vulnerabilities. Detailed documentation is provided on the types of vulnerabilities present in the application and ways to exploit them.

Update: Jarlsberg is now Gruyere

This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you’ll get a chance to do some real penetration testing, actually exploiting a real application. Specifically, you’ll learn the following:

  • How an application can be attacked using common web security vulnerabilities, like cross-site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF).
  • How to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.

Documentation Here

Jarlsberg - Hosted Vulnerable App


HTML5 CheatSheet Project

Posted by rajivvishwa on May 14, 2010

HTML5 is a new and upcoming technology with enough features to introduce potential security issues if not properly implemented. A new project has been started on Google Code to keep developers up to date on the security concerns to keep in mind while developing their apps with HTML5.

Description of the project in the authors' terms:

This project is an attempt to create a well maintained, informative and categorized cheat sheet to highlight HTML5 as well as other client side and related security issues and ways to avoid them. The project is meant to target web developers as well as security researchers and especially browser vendors since many of the problems we found are based on faulty or quirky implementations. Focus is on completeness, comprehensibility and timeliness as well as continuity – benefits many other related cheat sheets don’t exactly provide.


Disclosure of XSS Vulnerability in SharePoint 2007

Posted by rajivvishwa on May 7, 2010

An XSS vulnerability has been discovered and publicly disclosed in SharePoint Server 2007 and Microsoft Windows SharePoint Services 3.0. The vulnerability could allow an attacker to run arbitrary script that could result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment.

This vulnerability was discovered by High-Tech Bridge SA and was reported to Microsoft on 12 April 2010. As of the day of writing of this post, the vulnerability remains unfixed.

Read HTBridge advisory here

Vulnerable URL :

http://TARGETSITE/_layouts/help.aspx?cid0=MS.WSS.manifest.xml%00%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&tid=X

Screenshot: SharePoint 2007 XSS Vulnerability

Read more at Microsoft Security Advisory (983438)
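
A defender-side check for the request pattern in the vulnerable URL above, added here as an example (it is not from the original post or the HTBridge advisory): it scans IIS W3C log lines for help.aspx requests whose cid0 value decodes to a NUL byte or markup characters. The log lines, their field order and the client addresses are constructed sample data.

```python
from urllib.parse import parse_qsl, unquote

HELP_STEM = "/_layouts/help.aspx"   # page named in the vulnerable URL above
SUSPECT = ("\x00", "<", ">")        # NUL byte and markup delimiters

# Constructed sample log (assumed field order; addresses are documentation IPs).
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2010-05-07 10:00:01 192.0.2.10 GET /_layouts/help.aspx cid0=MS.WSS.manifest.xml&tid=X 200",
    "2010-05-07 10:00:09 192.0.2.44 GET /_layouts/help.aspx cid0=MS.WSS.manifest.xml%00%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&tid=X 200",
    "2010-05-07 10:00:20 192.0.2.10 GET /default.aspx - 200",
]

def fully_decode(value, rounds=3):
    """Normalise nested percent-encoding before matching (bounded number of passes)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan_w3c(lines):
    """Return [(client_ip, decoded cid0)] for help.aspx requests with a suspect cid0."""
    fields, hits = [], []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names for the rows that follow
            continue
        if line.startswith("#") or not line.strip():
            continue                           # other directives and blank lines
        row = dict(zip(fields, line.split()))
        if row.get("cs-uri-stem", "").lower() != HELP_STEM:
            continue
        for name, value in parse_qsl(row.get("cs-uri-query", ""), keep_blank_values=True):
            value = fully_decode(value)
            if name.lower() == "cid0" and any(c in value for c in SUSPECT):
                hits.append((row.get("c-ip"), value))
    return hits

if __name__ == "__main__":
    for ip, value in scan_w3c(SAMPLE_LOG):
        print(ip, repr(value))
```
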
