Comments on Jeremiah Grossman: Attention security researchers! Submit your new 2009 Web Hacking Techniques

avivra (2010-01-03T05:26:31.116-08:00):
My contribution:
* Cross-Web2.0 Scripting
http://aviv.raffon.net/2009/05/18/CrossWeb20Scripting.aspx
* Month of Twitter Bugs
http://aviv.raffon.net/2009/06/15/MonthOfTwitterBugs.aspx
http://www.twitpwn.com
* Flash Shared Object - Bypass “Private Browsing” mode
http://aviv.raffon.net/2009/08/17/NotSoPrivateAfterAll.aspx

MustLive (2010-01-02T14:04:22.176-08:00):
Jeremiah!

Yesterday I wrote you a new letter (in addition to my first letter) with my other 2009 research.

It also mentions Soroush Dalili's research on IIS, which you can also look at. As I see, you already mentioned it in #69 (you can add a link to the PDF with the advisory too).

Jeremiah Grossman (2009-12-30T13:35:51.495-08:00):
@Avi - updated.

Avi Douglen (2009-12-30T13:19:04.907-08:00):
Hey Jeremiah,
Just a heads up wrt #68, the name was changed to Cross-Site Identification (or XSId, of course :) ).

I think this name much better reflects the real impact of the issue.

A.D.

mario (2009-12-30T09:02:34.429-08:00):
I think we can add HTML+TIME XSS attacks working on all IEs from 5.5 to 8 like tweeted here:

https://twitter.com/0x6D6172696F/status/7197250108

https://twitter.com/0x6D6172696F/status/7196350903

https://twitter.com/0x6D6172696F/status/7196312532

https://twitter.com/0x6D6172696F/status/7180793115

Introduces loads of new possible vectors mostly unknown by devs and not filtered by common WAF/filter solutions.

Anonymous (2009-12-30T08:58:23.099-08:00):
Research titled "Advanced SQL injection to operating system full control": slides (http://www.blackhat.com/presentations/bh-europe-09/Guimaraes/Blackhat-europe-09-Damele-SQLInjection-slides.pdf) and whitepaper (http://www.blackhat.com/presentations/bh-europe-09/Guimaraes/Blackhat-europe-09-Damele-SQLInjection-whitepaper.pdf).
Research titled "Expanding the control over the operating system from the database": slides (http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database).
It's by the same author of sqlmap (http://sqlmap.sourceforge.net).
The best in the field!

Jeremiah Grossman (2009-12-30T08:36:26.783-08:00):
@Inferno, thanks added #70

Inferno (2009-12-29T22:29:33.202-08:00):
Very cool cross-browser cross-domain CSS exploit by Chris Evans
http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html

Jeremiah Grossman (2009-12-28T15:57:29.629-08:00):
@0kn0ck, added #70

Aditya K Sood (2009-12-28T09:15:07.588-08:00):
Jer

That's a great step. Another interesting discussion. Have a look:

http://zeroknock.blogspot.com/2009/12/google-chrome-webkit-msword-scripting.html

Jeremiah Grossman (2009-12-28T08:56:30.595-08:00):
@0kn0ck understood, which is a big reason why I've been making such lists. To be a repository for reference if nothing else.

Aditya K Sood (2009-12-28T08:45:29.095-08:00):
Jer

There is no point of cross path as such. Primarily it is hard for a researcher to visit every blog or vice versa. It may result in the same thing, but the attack end points and explanation could vary depending on the disclosure made to the requisite vendor and their response.

Jeremiah Grossman (2009-12-28T08:05:14.016-08:00):
@0kn0ck, added #66. And please have a look at MustLive's work he cited. It does appear to look similar, but if not, would be helpful to know why. Either way, researchers including myself do cross paths with the work of others without knowing it.

@adi, added #67 - thank you.

@ronen, added #68 thanks.

Ronen Zilberman (2009-12-27T12:18:51.975-08:00):
A new type of attack allowing cross-site identification using out of context information from social networks.

http://blog.quaji.com/2009/12/out-of-context-information-disclosure.html

MustLive (2009-12-26T14:05:22.064-08:00):
The current list is interesting, but I must note something about some of its items.

There are contributions by other researchers which are just the same as my own, but I did my own months and even years earlier :-). Like 0kn0ck's one about Yahoo Babelfish (which is mentioned as #60). And also 0kn0ck's new comment about Google Translate.

I wrote about this hole in Yahoo Babelfish (on both babelfish.altavista.com and babelfish.yahoo.com, http://websecurity.com.ua/2939/) at the beginning of 2009 (and found the hole on 25.04.2008 and informed Yahoo, which neglected to fix it).

About such XSS attacks, which I called Remote XSS/HTML Include (and fun guys called it Frame Injection), I have written many times at my site over the last three years.

Like vulnerabilities at images.google.com (http://websecurity.com.ua/1049/) (in 2007), images.search.yahoo.com (http://websecurity.com.ua/1821/) (in 2008) and www.google.com and translate.google.com (http://websecurity.com.ua/2014/) (in 2008) and at many other sites. And in all cases the web site owners neglected to fix the holes.

So I recommend 0kn0ck not touch my holes (which I found a long time before him) and find others (new ones) for himself ;-). I very often see such cases, when other people find my holes months and years after me :-). There was such a case with the hole in images.google.com, and here are the cases with Yahoo Babelfish and Google Translate. Anyway, I wish everyone Merry Christmas and Happy New Year!

MustLive (2009-12-26T13:47:43.160-08:00):
Jeremiah!

The list of 2009 Web Hacking Techniques is a good thing (as were the previous lists for 2007 and 2008).

Soon I'll write you about my 2009 web hacking techniques.

P.S.

Happy holidays to everyone.

Adi (2009-12-24T22:20:31.670-08:00):
Hi Jeremiah,

This new type of attack is generic, will work on any system/OS/browser, doesn't rely on any implementation bug, and shows how hackers can penetrate VPN or even closed networks.

Active Man in the Middle Attacks:
http://blog.watchfire.com/wfblog/2009/02/active-man-in-the-middle-attacks.html

Happy holiday season,
Adi

Aditya K Sood (2009-12-24T22:19:16.044-08:00):
Google Translate - Google User Content - File Uploading Cross - XSS and Design Stringency - A Talk

http://zeroknock.blogspot.com/2009/12/google-translate-google-user-content.html

Adi (2009-12-24T22:18:47.028-08:00):
This new type of attack is generic, will work on any system/OS/browser, doesn't relate to any implementation bug, and shows how hackers can penetrate VPN or even disconnected networks

Active Man in the Middle Attacks:
http://blog.watchfire.com/wfblog/2009/02/active-man-in-the-middle-attacks.html

Happy holiday season,
Adi

Jeremiah Grossman (2009-12-23T08:49:54.104-08:00):
@Amish, thanks fixed.

Amish Shah, http://net-square.com (2009-12-23T04:25:18.634-08:00):
"iPhone SSL Warning and Safari Phishing" attack points to a 404 page.

The correct hyperlink would be,

http://ha.ckers.org/blog/20090329/iphone-ssl-warning-and-safari-phishing/

Jeremiah Grossman (2009-12-22T09:25:12.118-08:00):
@Stephen, thank you. Added #64 and #65

Stephen Sclafani, http://stephensclafani.com/ (2009-12-21T18:16:03.737-08:00):
http://stephensclafani.com/2009/05/26/exploiting-unexploitable-xss/

http://stephensclafani.com/2009/05/04/clickjacking-oauth/

Jeremiah Grossman (2009-12-21T10:45:45.756-08:00):
@belch, thank you. #63