ush.it - a beautiful place

Reflection on Stefano Di Paola

May 29, 2007 at 12:37 am - Filed under Team, Reports, Language EN - 728 words, reading time ~2 minutes - Permalink - Comments

Anurag Agarwal has published a reflection on our friend Stefano Di Paola. The interview contains a condensed auto-biography (nice reading, thanks Stefano!); integral text follows.

Shadowpage vulnerability: the page that doesn't exists (Multiple browsers affected)

May 7, 2007 at 12:15 pm - Filed under Hacks, Language EN - 179 words, reading time ~0 minutes - Permalink - Comments

Yesterday I (Francesco `ascii` Ongaro) found a low impact bug: basically it is possible to make the user visit a page that is not listed in the back/next button history. The fun happens when self.location.replace() is pointing to a page that issues an HTTP/1.x 302 Redirect + Location. Both initial and redirect page will not be listed.

Interview with Rain Forest Puppy

May 1, 2007 at 9:09 pm - Filed under Reports, Language EN - 3236 words, reading time ~10 minutes - Permalink - Comments

Antonio `s4tan` Parata, software security researcher and member of the ush team interviews Rain Forest Puppy, famous bug hunter, specialized in web application assessment. It's a pleasure for us to publish the full interview, in this case talk is not cheap.

Reed's Alert! Got something burning? Tell USH team.
THP USH Wisec DigitalBullets