Pen Test Partners writes about IoT and security in the Samsung smart camera SNH-6410BN. They discovered eleven (11) issues, chained together to gain root access. Got r00t?
Tag: security Page 2 of 5
This is a very interesting read on how Dario Weißer (@haxonaut), cutz and Ruslan Habalov (@evonide) were able to find a PHP unserialize bug to exploit and gain remote code execution on Pornhub. Pornhub’s bug bounty program is at Hackerone In stead of actively attacking Pornhub, they took another road and attacked what Pornhub is built upon: PHP.
Having an SSL certificate in your WordPress is the de-facto standard nowadays, did you know that? Google ranks sites having HTTPS higher in their SERP. But in WordPress, how do you configure an SSL certificate and HTTPS URL? You’ll learn the important steps to move WordPress from http to https in this post.
Here are 17+ valuable WordPress snippets for a site-specific plugin and
functions.php file that provides you a better WordPress experience. Enhance your WordPress site with these small PHP snippets: WordPress filters, actions and functions. Quickly add or extend the functionality you need for your WordPress website! Read on…
Someone posted to notehub.org an article on how he broke into his college’s WordPress website, without having any prior knowledge of WordPress, PHP, and without any experience with hacking web servers. The attempts were spread out over a month, but effectively totaled a day maybe. The author said to have learned a lot of things while doing the research part which accounted for most of his time, though. On NoteHub, he shares some of the relevant details and how he went along doing this.
Securify reports: A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker’s share. An attacker can use this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet. This issue can be exploited even if the Office document is opened in Protected View.
Sjoerd Langkemper writes about Cracking PHP rand():
Webapps occasionaly need to create tokens that are hard to guess. For example for session tokens or CSRF tokens, or in forgot password functionality where you get a token mailed to reset your password. These tokens should be cryptographically secure, but are often made by calling
rand() multiple times and transforming the output to a string. This post will explore how hard it is to predict a token made with
Using Windows Server File Server Resource Manager’s File Screens you can block vulnerable WordPress plugins from being saved on your IIS web server. In the following example, you’ll learn how to block WP DB Backup plugin system-wide on Windows Server, read on…
The Joomla security team have just released a new version of Joomla to patch a critical remote command execution vulnerability that affects all versions from 1.5 to 3.4. This is a serious vulnerability that can be easily exploited and is already in the wild.
OpenSSL comes in handy when you need to generate random passwords, for example for system accounts and services. In this short post I’ll give you a quick example on how to generate random passwords with OpenSSL in Linux (Bash), Windows and PHP…
Imperva’s Web Application Attack Report shows spam is WordPress’ largest security threat. Imperva, an international cyber security company founded in 2002, published its 2015 web application attack report. The report includes a thorough analysis of attack data obtained through its Web Application Firewall (or WAF).
Revived Wire Media’s PHP File Manager got some issues…
Sijmen Ruwhof, who also analysed the malware spread through NU.nl back in 2012, found some serious security vulnerabilities in a PHP web application called “PHP File Manager”. One, among others, is a backdoor for Revived Wire Media to use. How sick is that?! Another vulnerability makes it easy to download confidential files.