http://blog.gmane.org/gmane.comp.security.websecurity hourly 1 1901-01-01T00:00+00:00 http://gmane.org/img/gmane-25t.png http://gmane.org http://comments.gmane.org/gmane.comp.security.websecurity/8498 <pre>Dear All, Here we are with the 28th issue of ClubHack Magazine. This issue covers following articles:- 0x00 Tech Gyan - Steganography over covert channels 0x01 Tool Gyan - Kautilya 0x02 Mom's Guide - HTTPS (Hyper Text Transfer Protocol Secure) 0x03 Legal Gyan - Section 66C - Punishment for identity theft 0x04 Code Gyan - Don’t Get Injected – Fix Your Code 0x05 Poster - "Look both side before crossing one way track" Check http://chmag.in/ for articles. PDF version can be download from:- http://chmag.in/issue/may2012.pdf Send us your feedback, articles at info&lt; at &gt;chmag.in Regards, Team CHMag http://chmag.in/ _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Abhijeet Patil 2012-05-21T06:13:43 http://comments.gmane.org/gmane.comp.security.websecurity/8497 <pre>Hi, I am running into one issue with XSS and was interested if there is any way I can bypass it. Following the response code where user supplied input is embedded. Input is taken via a text box. *&lt;script type="text/javascript"&gt;alert('No Information is found for the card 1');&lt;/script&gt;* User supplied input *1* is highlighted in red. I am trying to break out of this alert box, however when a single quote is given as input, the output is escaped using a backslash. It is as follows: * Input:* *1'** Output:** &lt;script type="text/javascript"&gt;alert('No Information is found for the card 1\'');&lt;/script&gt;* I am using IE 8 and tried using back ticks just to check if I can get around this limitation, however it did not work. Any suggestion on how to break out of this would be much helpful. All characters except the *single quote, &lt;!-- and &lt;/script&gt;* are working. Using a I tried the following vector to escape out: *Input:* *1`);alert(1);(`'**);** Output:** &lt;script type="text/javascript"&gt;alert('No Information is found for the card 1`);alert(1);(`');&lt;/script&gt; *Appreciate* *your help and support in advance. * *Thanks,* * </pre> Chintan Dave 2012-05-18T06:34:59 http://comments.gmane.org/gmane.comp.security.websecurity/8496 <pre> Hi All, There is a new web application vulnerability scanner available. It is called WebVulScan and it is open source. Here is the link for it if you want to check it out: http://code.google.com/p/webvulscan/ Regards, Dermot Blair _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Dermot Blair 2012-05-15T21:37:48 http://comments.gmane.org/gmane.comp.security.websecurity/8494 <pre>Dear all, Two examples come to my mind when I think about classic examples of secure software development: OpenSSH and Qmail. Both a) were designed with security in mind b) were heavily audited (--&gt; open source) c) are widely used in security sensitive environments for long times (&gt; 10 years) d) had relatively few known security bugs despite b), and c). My question is: Are there any web applications that can be seen as a classic example of secure software development on the web (similar to OpenSSH and Qmail in the network service area)? Thanks, Sebastian --- Sebastian Schinzel Universität Erlangen-Nürnberg Lehrstuhl für Informatik 1 IT-Sicherheitsinfrastrukturen Web: http://www1.cs.fau.de/ Twitter:http://twitter.com/seecurity _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Sebastian Schinzel 2012-05-15T10:50:52 http://comments.gmane.org/gmane.comp.security.websecurity/8493 <pre> . ______________________________________ ._\\. Breakpoint 2012 (___. : Intercontinental Rialto : : Melbourne, Australia : : October 17th-18th : :__ . ___: )____________________________________\\ . www.ruxconbreakpoint.com www.twitter.com/ruxconbpx Introduction ------------ Breakpoint is a new security conference to be held on the 17th and 18th of October, in Melbourne Australia. The event will show case the work of expert security researchers from around the world on a wide range of topics. Breakpoint is organised by the Ruxcon conference team and will offer a specialised and more professional security conference to complement and lead into the larger and more casual Ruxcon weekend conference. Breakpoint will cater towards security researchers and industry professionals alike, with a focus on cutting edge security research. With just one day separating both conferences, Breakpoint presents a great opportunity for our selected speakers to receive a complimentary trip to Australia and experience both the Breakpoint and Ruxcon conferences, not to mention the great weather, awesome parties, and friendly people. Melbourne is Australia's cultural capital, with Victorian-era architecture, extensive shopping, museums, galleries, theatres, and large parks and gardens. It is a city of many subcultures, personalities and styles, and it is these layers that make it so interesting. Melbourne has a vibrant arts and music scene, eccentric cafes, cobbled lane-ways, quirky shops, intimate bars and restaurants, and is known as one of the world's great streetart capitals. Important Dates --------------- * May 10 Call For Presentations Open * July 30 Call For Presentations Close * October 15-16 BreakPoint Training * October 17-18 BreakPoint Conference * October 20-21 Ruxcon Conference Topic Scope ----------- Topics of interest include, but are not limited to: o Mobile Device Security o Exploitation Techniques o Reverse Engineering o Vulnerability Discovery o Rootkit Development o Malware Analysis o Code Analysis o Virtualization, Hypervisor Security o Cloud Security o Embedded Device Security o Hardware Security o Telecommunications Security o Wireless Network Security o Web Application Security o Law Enforcement Activities o Forensics o Threat Intelligence o You get the idea Submission Guidelines --------------------- In order for us to process your submission we will require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in the presentation 7. Information on where the presentation material has or will be presented before Breakpoint * Preference will be given to presentations that contain original research that will be first presented at Breakpoint. * As a general guideline, BreakPoint presentations are between 45 and 60 minutes, including question time. If you have any enquiries about submissions, or would like to make a submission, please send an email to bpx&lt; at &gt;ruxconbreakpoint.com Speaker Benefits ---------------- Speakers at BreakPoint will be entitled to the following benefits: - A round trip economy airfare to Melbourne (total cost limit applies) - Three nights accommodation at the Intercontinental Rialto - Complementary registration for Breakpoint and Ruxcon conferences - Invitation to all BreakPoint and Ruxcon parties - Unlock 'Presented on world's smallest continent' achievement * All speaker benefits apply to a single speaker per submission. Contact ------- If you have any questions or queries, contact us at: * Email: bpx&lt; at &gt;ruxconbreakpoint.com * Twitter &lt; at &gt;ruxconbpx _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> cfp< at >ruxcon.org.au 2012-05-10T11:48:16 http://comments.gmane.org/gmane.comp.security.websecurity/8492 <pre>Hello participants of Mailing List. As I've wrote last month in the list, I've presented full translation of my articles (in a form of new complex article), which I told you briefly in my post Bypassing of security mechanisms (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-September/008051.html). And now I will tell you about other my articles, written in September 2011 and in April 2012. Request full translation of any of them if needed. I'll tell you briefly about my two articles concerning bypassing web antiviruses and attack via tables corruption in MySQL. Which I wrote in September and in April accordingly. These topics should be interesting for you (especially for those, who haven't read them before). 1. Effective use of cloaking against web antiviruses http://websecurity.com.ua/5359/ In this article I told more about the cloaking - the way how web antiviruses became fighting with it and other ways of bypassing them with cloaking. This is third article in my series about bypassing of web antiviruses (after 2010's "Bypass of systems for searching viruses at web sites" and 2011's "Bypassing of behavioral analysis or malware strikes back"). After my 2010's article, where I wrote about such simple and well known way of hiding from web antiviruses bots as cloaking, which similarly used from 90s for hiding from search engines bots, in August 2011 I've found the first change. If I've made my own web antivirus immune to cloaking already in 2008 (from the first version), then from other vendors, such as search engines, we had need to wait. And in the end of August 2011 I've found Google's bot, who changed its UA. But due to other mistakes, it couldn't hide well his true face :-), so it was possible for malware to use cloaking for hiding from the bot. So it's needed to fight with cloaking more effectively. 2. Attack via tables corruption in MySQL http://websecurity.com.ua/5796/ In this article I told about attacks on web applications via tables corruption in MySQL. This attack I've described in 2009 (in my advisory about WordPress) and later in 2011 (in my advisories concerning IPB), but now I've wrote detailed article about it. Best wishes &amp; regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> MustLive 2012-05-05T20:50:36 http://comments.gmane.org/gmane.comp.security.websecurity/8491 <pre>Hi everyone, WOOT is the USENIX Workshop on Offensive Technologies and this year will focus on the future of web exploitation and HTTPS security. One of the specificity of WOOT is that it is meant to be a a bridge between the industry and the academic world which always give rise to interesting discussion :) So if you just gave a cool talk at BSide or got something interesting planned for Black Hat or DEFCON, it is exactly the type of work we'd like to see submitted to WOOT. Don't be shy, it will be a very fun workshop ! The WOOT call of paper is available here: http://ow.ly/aH1X0 -- Elie http://elie.im - Twitter: &lt; at &gt;elie _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Elie Bursztein 2012-05-04T05:25:50 http://comments.gmane.org/gmane.comp.security.websecurity/8489 <pre>New post on abusing password managers with Cross-Site Scripting. http://labs.neohapsis.com/2012/04/25/abusing-password-managers-with-xss/ _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> mastah yeti 2012-04-30T16:30:35 http://comments.gmane.org/gmane.comp.security.websecurity/8487 <pre>Dear security experts, Hacking-Lab is proud to announce the upcoming online OWASP 2012 hands-on competition about web security issues. The competition will start next Tuesday (May 1 2012) and ends June 17th, 2012. It's all about web security, including the Greece Hackademics challenges plus some advanced Hacking-Lab challenges. The winner will gain a free ticket to either the OWASP AppSec EU conference in Athens or AppSec US. Winner Selection Criteria a) how many points you receive (complete) b) how complete your solutions are (quality) c) how fast you are completing the challenges (time) d) creativity, unseen solutions, geek factor The OWASP GEC (Global Education Committee) and Hacking-Lab have the right to select the winner in case of identical a) to d) levels. OWASP teachers, Hacking-Lab volunteers, Compass Security Switzerland staff are not allowed to play. Sorry for that, folks. Checkout the upcoming "OWASP 2012 Online Competition" here * https://www.hacking-lab.com/events/ Train your Brain - Explore Hacking-Lab with this free online security competition. Kind Regards Ivan Buetler, E1 _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Ivan Buetler 2012-04-29T19:15:30 http://comments.gmane.org/gmane.comp.security.websecurity/8486 <pre>First off, my anal retentive side simply *MUST* correct you: It's "padding oracle". An "oracle" is a system which provides answers to specific types of questions. In cryptography, there is a concept of "padding", extra data appended to the unencrypted message to satisfy the length requirements of a block cipher, which requires that data it is encrypting is to be of a certain length. A padding oracle normally only will reveal if an encrypted message, when decrypted, is properly padded. Vaudenay presented at EUROCRYPT that with PKCS#5 padding, a padding oracle can actually be used as a decryption oracle, given the ability to make lots of submissions to the padding oracle. This allows us to decrypt arbitrary data using a padding oracle. Thai Duong and Juliano Rizzo applied this theoretical attack in a practical way: against Web applications. They also presented a way of using padding oracles as encryption oracles, allowing encryption of arbitrary data. The ASP.NET framework not only had padding oracle flaws, it used PKCS#5 padding, reused keys between different parts of the application, and provided a mechanism for disclosing file contents for any file name you could encrypt. While PadBuster is a generic tool for exploiting padding oracle flaws where PKCS#5 is used, the most well-known example is in old versions of the ASP.NET framework. Many people are under the mistaken impression that this flaw is exclusive to ASP.NET, when it is not. Now that I've satisfied the pedantic side of me, here's the information you've actually asked for: http://blog.gdssecurity.com/labs/2010/10/4/padbuster-v03-and-the-net-padding-oracle-attack.html This blog post explains the usage of padbuster.pl against a vulnerable installation of ASP.NET. It's been very helpful for me and for other people I've spoken with in the past. Feel free to contact me directly with questions about its usage. Cheers, </pre> Daniel "unicornFurnace" Crowley 2012-04-28T06:20:53 http://comments.gmane.org/gmane.comp.security.websecurity/8485 <pre>Hi all, May be this a very stupid question, however, after many unsuccessful attempts, I would appreciate your assistance. In testing a web application, I found that on sending the following request header: GET /path/path-contd/resource.asp?key1=value1&amp;key2=value2&amp;key3=value3 HTTP/1.1 .... I got the the following response header: HTTP/1.1 302 Found Date: xxxx Server: xxxx Location: https:// &lt;full-domain&gt;/path/path-contd/resource.asp?https=redirect&amp;key1=value1&amp;key2=value2&amp;key3=value3 .... I tried to inject "CRLF" (%0d%0a) in value3 to perform a HTTP Response Splitting, however, the input was always output to the response header as text and the injected CRLF (%0d%0a) was never executed. I tried: 1. double url encoding: %250d%250a 2. encoding the attack vector to unicode 16-bit 3. injecting %0d%0a (and double encoded value) in value1 instead 4. injecting %0d%0a (and double encoded value) in value2 instead Am I missing something trivial or any other attack vector to bypass CRLF Injection protection/filter? Is this the right approach? Or should I safely assume that the application is performing proper URL sanitization? Look forward to your replies. My apologies again in case my question is naive. Br, m0n _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Mon 2012-04-30T12:32:00 http://comments.gmane.org/gmane.comp.security.websecurity/8483 <pre>I'm doing a web app pen test and the Oracle Padding vulnerability popped up in Nessus and Acunetix. I tried playing with padbuster.pl and watched every video on YouTube on this, and can't exploit it. I'm doing the bruteforce option I found at this http://blog.securitywhole.com/2010/10/21/net-padding-oracle-attack-padbusterpl-and-the-microsoft-recommended-workarounds.aspx now and hit 40K attempts and counting. It seems that the goal of all of these docs and videos is to grab the web.config file from the server. Just so happens that I found we.config.bak on the server already and have the file. In that file I found the DB connection login and password info, as well as DB table names. I'm assuming that I cant login to the web app with these credentials....could I do anything else? Any insight is appreciated! --Chris _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> chris serafin 2012-04-25T23:34:05 http://comments.gmane.org/gmane.comp.security.websecurity/8469 <pre>Hi - I am researching approaches to protecting against Web risks, specifically in the HTML5 area, where I include language elements/attributes, CORS, XHR2, Websockets, Web Workers, Web Messaging (e.g. jpostMessage), and Storage. Looking for 1) native browser techniques/plugins; 2) vendor offerings; and 3) PoC tools that mitigate published issues. In particular, I am interested in vendors with HTML5-specific capabilities. Just to be clear - I have done a lot of research on the technologies and ways they might be manipulated or attacked and am now looking for ways to address/mitigate the problems. The research report will be available this quarter, so if you want a copy, please send me a note offline. (I am looking for a few early reviewers as well). Goal is to translate technical implications of HTML5 into business risks - geared to enterprise CISO audience. thanks, Pete Pete Lindstrom Principal, VP of Research Spire Security, LLC &lt; at &gt;SpireSec www.spiresecurity.com 610-644-9064 _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Pete Lindstrom 2012-04-23T15:56:00 http://comments.gmane.org/gmane.comp.security.websecurity/8468 <pre>The 8th issue of the HITB Quarterly Magazine is now available for download! http://magazine.hitb.org/ This edition is a little bit 'lighter' than previous issues as the editorial team is busy working on an extra special release for our 10th year anniversary conference in October, HITBSecConf2012 - Malaysia. http://conference.hitb.org/hitbsecconf2012kul/ For the first time ever though, we're making print editions of the magazine available (courtesy of HP MagCloud) - A print edition of the HITB Quarterly is a perfect addition for your coffee table or office reception area and we'll be making past issues also available for print over the next couple of weeks. We're hoping that print sales will allow us to pay our authors and contributors for their articles, so ordering a print copy is a way for you to help support them! Putting together content for the magazine is practically a full time job and it would be nice to offer authors some form of compensation for the time and energy taken to produce the high quality articles that you all enjoy. Enjoy the issue and hopefully see you at #HITB2012AMS in May: http://conference.hitb.org/hitbsecconf2012ams/ --- Hafez Kamal HITB Crew Hack in The Box (M) Sdn. Bhd. Suite 26.3, Level 26, Menara IMC, No. 8 Jalan Sultan Ismail, 50250 Kuala Lumpur, Malaysia Tel: +603-20394724 Fax: +603-20318359 _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Hafez Kamal 2012-04-23T14:21:28 http://comments.gmane.org/gmane.comp.security.websecurity/8462 <pre>Hello list, I was playing with the idea making a JavaScript based network scanner / CSRF exploiting tool. I know the idea in itself isn't very new, but I feel somehow it never really got the credit that it deserved and still believe it's a valid attack vector and with some preparation and minimal tweaking/configuring of the scanning engine before sending it to a target will yield very good results. Anyways; I made a quick write-up of my ideas/findings. Any feedback on the matter would be greatly appreciated. http://allodox.wordpress.com/2012/04/21/javascript-based-network-scanners/ Regards, Raf _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> allodoxa 2012-04-21T14:03:17 http://comments.gmane.org/gmane.comp.security.websecurity/8461 <pre>Ruxcon 2012 Call For Papers The Ruxcon team is pleased to announce the call for papers for the 2012 annual Ruxcon conference. This year the conference will take place over the weekend of 20th and 21st of October at the CQ Function Centre, Melbourne, Australia. The deadline for submissions is the 15th of July. * What is Ruxcon? Ruxcon is the premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security. Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community. For more information, please visit http://www.ruxcon.org.au * Presentation Information Presentations are set to run for 40 to 50 minutes, and will be of a formal nature, with slides and a speech. * Topics Topics of interest include, but are not limited to: o Mobile Device Security o Virtualization, Hypervisor, and Cloud Security o Malware Analysis o Reverse Engineering o Exploitation Techniques o Rootkit Development o Code Analysis o Forensics and Anti-Forensics o Embedded Device Security o Web Application Security o Network Traffic Analysis o Wireless Network Security o Cryptography and Cryptanalysis o Social Engineering o Law Enforcement Activities o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc) * Submissions Submissions should thoroughly outline your desired presentation subject. If you have any enquiries about submissions, or would like to make a submission, please send an e-mail to presentations&lt; at &gt;ruxcon.org.au The deadline for submissions is the 15th of July. If approved we will additionally require: i. A brief personal biography (between 2-5 paragraphs in length). ii. A description on your presentation (between 2-5 paragraphs in length). * Contacts Email: presentations&lt; at &gt;ruxcon.org.au Twitter: ruxcon _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> cfp< at >ruxcon.org.au 2012-04-19T05:04:06 http://comments.gmane.org/gmane.comp.security.websecurity/8460 <pre>Hello Readers, The 27th Issue - April 2012 is out now! From this month we have started a new section - Code Gyan. Code Gyan section will focus on good programming practices and snippets to mitigate various vulnerabilities. Hope you like it. This issue covers following articles:- 0x00 Tech Gyan - XSS – The Burning issue in Web Application 0x01 Tool Gyan - Sysinternals Suite 0x02 Mom's Guide - Decoding ROT using the Echo and Tr Commands in your Linux Terminal 0x03 Legal Gyan - Provisions of Sec. 66B 0x04 Matriux Vibhag - How to enable WiFi on Matriux running inside VMWare 0x05 Code Gyan - Local File Inclusion 0x05 Poster - http://chmag.in/poster/apr2012/poster-month PDF version can be download from:- http://chmag.in/issue/apr2012.pdf Check http://chmag.in/ for more articles. Submit your articles, feedback to info&lt; at &gt;chmag.in Regards, Team CHMag http://chmag.in _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Abhijeet Patil 2012-04-18T17:00:54 http://comments.gmane.org/gmane.comp.security.websecurity/8458 <pre>Hello participants of Mailing List. I want to draw your attention to the updates concerning my articles. In February my article CSRF Attacks on Network Devices (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-February/008265.html) was released in PenTest Extra 02/2012. I remind you, that in this article I've told about different CSRF attacks on network devices, including attacks on login forms described in my 2011's article (such attacks can be conducted on login forms of web applications, including the control panels of network devices). And in this article I've described this topic in details (with examples of attacks on vulnerabilities in real network devices). As I've mentioned in my announcement, I put pdf-file teaser of the magazine with part of the article at my site (and full text was available in the magazine). For those of you who are interesting in this subject, but haven't read the article due to lack of possibility to read this issue of the magazine, here is a good possibility to read it. At the beginning of this month I've published full article "CSRF attacks on network devices" at my site (http://websecurity.com.ua/articles/csrf_attacks_on_network_devices/). Concerning my two 2011's articles "Bypassing of captchas and blocking at web sites" and "Bypassing of blocking by IP at web sites", which I've briefly translated to the list (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-September/008051.html). And after the publication there were requests from readers of the list to make full translation of them. So how I've already informed people, who made the requests, I've translated them to English and combined them into one article (with much more information), which I called "Advanced methods of bypassing of blockings at web sites". This article was published in April in the magazine Pentest Regular 04/2012 (http://pentestmag.com/pentest-regular-0412/). You can download a teaser of this issue of the magazine with my article (http://websecurity.com.ua/uploads/articles/PenTest_04_2012_Teasers.pdf). There is a fragment of the article in it and you can read full version of the article in the magazine. I hope it will be interesting for you. Best wishes &amp; regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> MustLive 2012-04-17T20:50:05 http://comments.gmane.org/gmane.comp.security.websecurity/8457 <pre>Dear all, This is to announce release of winAUTOPWN version 3.0 The improved GUI extension - WINAUTOPWN ACTIVE SYSTEMS TRANSGRESSOR GUI [ C4 - WAST ] is a Systems and Network Exploitation Framework built on the famous winAUTOPWN as a backend. C4 - WAST gives users the freedom to select individual exploits and use them. A complete list of all Exploits in winAUTOPWN is available inside MISC\CHANGELOG.TXT A complete list of User Interface changes is available in MISC\UI_CHANGES.txt BSDAUTOPWN has been compiled, like always for various flavours and has been upgraded to version 1.8 alongwith all applicable exploits which have been added in this release. Included this time is the bsd_install.sh, which will set chmod on all applicable BSD compiled binaries. WINAUTOPWN requires PERL,PHP,PYTHON,RUBY and its dependencies alongwith a few others' too for smooth working of exploits included in it. A complete Document explaining : How to use winAUTOPWN/bsdAUTOPWN, How to add your own exploits using WELF(winAUTOPWN Exploit Loading Framework), other advanced command-line options and everything else related to WINDOWS AUTOPWN is available at the Downloads Section. It is also available online at: http://resources.infosecinstitute.com/vulnerability-testing-winautopwn/ WINDOWS AUTOPWN - [ C4 - WAST ] Crafted by : Azim Poonawala (QUAKERDOOMER) winAUTOPWN and bsdAUTOPWN are available at http://winautopwn.co.nr Alternative location: http://www.c-4.in/winautopwn Author's website : http://solidmecca.co.nr Blog : http://my.opera.com/quakerdoomer Regards, QUAKERDOOMER _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> QUAKER DOOMER 2012-04-17T10:36:58 http://comments.gmane.org/gmane.comp.security.websecurity/8456 <pre>LoginWall announces: A new cyber hackathon Mission: To crack a LoginWall password. Prize: the new iPad! No registration necessary! Unlimited number of tries! Join the competition now at hackathon.loginwall.com For more info, please contact tehila&lt; at &gt;loginwall.com _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Omer Granot 2012-04-17T11:11:00 http://comments.gmane.org/gmane.comp.security.websecurity/8454 <pre>Hi everybody, I want to announce that a Pre-Release of WATOBO 0.9.8 is now available as a ruby gem. WATOBO is intended to enable security professionals to perform semi-automated web application security audits. Here's a brief summary of its features: - Session Management; Login scripts, logout recognition, automated relogin - One-Time-Token support; for testing CSRF protected functions - NTLM-Authentication for servers and proxies - Active security checks: SQLi, XSS, LFI, DirWalker, HTTP-Methods, JBoss, SAP, ... - Passive checks/filters: Cookie-Options, Login-Encryption, DOMXSS, ... - Plugins: SSLChecker, FileFinder and Catalog-Scanner - Fuzzer: fuzz engine, e.g. for username enumeration or collecting cookies - Manual Request Editor: customize and send requests - Differ: diffing request/response pairs More informationen as well as (new) video tutorials are available at http://watobo.sourceforge.net If you find a bug, have a feature request or simply want to tell some success stories please send a mail to watobo&lt; at &gt;siberas.de. Thanks for your contribution, andy _______________________________________________ The Web Security Mailing List WebSecurity RSS Feed http://www.webappsec.org/rss/websecurity.rss Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA WASC on Twitter http://twitter.com/wascupdates websecurity&lt; at &gt;lists.webappsec.org http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org </pre> Andreas Schmidt 2012-04-11T21:59:56 Search the mailing list at Gmane query http://search.gmane.org/?group=$group=gmane.comp.security.websecurity