Here are my three choices from Daily Blog Tip’s tutorial submissions. This post is fulfill the requirements for the contest being held by Daily Blog Tips. If you haven’t already, check out my submission here: Make Money With a Poor Mans BANS (build a niche store) and vote for it by writing up a post […]

As you might have guessed, I’m ultra concerned about security. Security isn’t my area of expertise, nor do I claim to have any superior knowledge in the field, but sometimes being ahead of the game can prove beneficial. Shoemoney’s blog has been defaced twice (to my knowledge), simply because he failed to upgrade. This gives […]

Wow, four Wordpress plugin exploits released in under a week. Are these plugin authors really amateurs, or just trying to pwn Wordpress blogs? First up, Adserve version 0.2. The SQL injection vulnerability resides in adclick.php. Here’s the vulnerable code:

if (isset($_GET[’id’])) { Header(”Location: “.iri_AdServe_BannerClick($_GET[’id’]) return $wpdb->get_var(”SELECT url FROM $table_name WHERE id=$id;”);

Again, the id variable isn’t sanitized, and successful exploitation […]

That’s right Wordpresss kiddies, two new vulnerabilities, and they’re pretty nasty. Author Houssamix From H-T Team has released two remote SQL injection proof of concepts for WP-Cal and fGallery 2.4.1. The vulnerability for WP-Cal exists in:

/wp-content/plugins/wp-cal/functions/editevent.php

and here’s what’s vulnerable:

$id = $_GET[’id’]; $event = $wpdb->get_row(”SELECT * FROM $table WHERE id = $id”);

Why? No sanitization of $id. Since id […]

For those of you that read my article on how to make money with a poor mans build a niche store, here is a little proof that my method works.

This doesn’t include the average Adsense earnings of $3-$5 a day. Looks like I’ve finally found something worth doing! So I spent all Thursday night duplicating […]

A group of individuals across the globe have unleashed a campaign to destroy Scientology’s Internet presence. The attacks have already started, and many Scientology web sites have been crippled as a result. Check out this chilling video that was posted on youtube.

A lot of people are backing the group known as “The Legion” and “Anonymous.” […]

Milworm has published a denial of service exploit for the Apple iPhone, 1.1.2. I’ve made the page available, so feel free to send your friends with iPhones to that page if you’d like to see ‘em cry. The code is a simple javascript that you can copy and paste to really have some fun. I’ve yet […]

Richard Bennett from The Register recently published an article that stated, It’s acceptable for Comcast, as a matter of reasonable network management, to employ TCP Resets to prevent BitTorrent doing harm to the web browsing, standard file downloading, and VoIP sessions that are the typical behavior of the Comcast customer Ernesto from TorretFreak responded with, “this is […]

This is a pretty simple idea that I’ve yet to experiment with, but would love to hear some feedback on. Also, I’m not sure on how ethical this method is, but the concept is so simple, I don’t see where the line is crossed. First, locate a company that pays you $0.XX per click. In the […]

301 is an HTTP status code that basically instructs search engines and browsers that a page has moved, permanently. If you’ve changed a file name, domain, folder path, whatever, a 301 redirect will update the search engines. This ensures your content remains indexed and available via search engines. PHP 301 Redirect Code <?php Header( “HTTP/1.1 […]