ush.it - a beautiful place

Port scanning with online services

January 29, 2006 at 3:12 am - Filed under Hacks, Insecurity, Language EN - 45 words, reading time ~0 minutes - Permalink - Comments

Some service misuse examples.

PHP5 Globals Vulnerability

January 25, 2006 at 9:30 pm - Filed under Hacks, Language EN - 769 words, reading time ~2 minutes - Permalink - Comments

PHP5 Globals Vulnerability: with ?GLOBALS[foobar] you can set the value of the un-initialized $foobar variable.

PmWiki Multiple Vulnerabilities

January 24, 2006 at 7:23 pm - Filed under Hacks, Language EN - 1063 words, reading time ~3 minutes - Permalink - Comments

This is both a PmWiki and PHP advisory, and works only with register_globals on. I totally missed the PHP GLOBALS[] GPC injection vulnerability and rediscovered that by my own (if just few month before! arg!). Basically in the worst scenario we are in front of two separate vulnerabilities: one regarding arbitrary remote file inclusion and code execution in PmWiki on PHP 5.x with globals on and the other about the reintroduction of a bug that should have been fixed in 5.0.5 but work (at last) on the 2 most recent version of PHP5.

Google XSS Example

January 15, 2006 at 12:37 am - Filed under Insecurity, Language IT - 266 words, reading time ~0 minutes - Permalink - Comments

L'articolo e' una traduzione in italiano di Google XSS Example.

Port scanner with dnsstuff

January 14, 2006 at 6:47 pm - Filed under Hacks, Insecurity, Language EN - 805 words, reading time ~2 minutes - Permalink - Comments

Dnsstuff is a great service often integrated in browser, widget and extension. They offer a number of tests (DNS Report, DNS Timing, WHOIS Lookup, Abuse Lookup, Domain Info, Spam database lookup, Reverse DNS lookup, IPWHOIS Lookup, City From IP, IP Routing Lookup, DNS lookup, Traceroute, Ping, ISP cached DNS lookup) and other conversion/math tools (URL deobfuscator, Free E-mail Lookup, CIDR/Netmask, E-mail Test, CSE HTML Validator, Decimal IPs). When applicable the tool is both ipv4 and ipv6 capable.

THP USH Wisec DigitalBullets