2 More Wordpress Plugin Exploits – Adserve & WassUp

Posted 1942 days ago - Security, Wordpress · Leave a Comment

Wow, four Wordpress plugin exploits released in under a week. Are these plugin authors really amateurs, or just trying to pwn Wordpress blogs?

Continue reading 2 More Wordpress Plugin Exploits – Adserve & WassUp

2 New Wordpress Plugin SQL Injection Vulnerabilities

Posted 1945 days ago - Security, Wordpress · Leave a Comment

That's right Wordpresss kiddies, two new vulnerabilities, and they're pretty nasty. Author Houssamix From H-T Team has released two remote SQL injection proof of concepts for WP-Cal and fGallery 2.4.1.

Continue reading 2 New Wordpress Plugin SQL Injection Vulnerabilities

Remote Denial of Service Exploit – Apple iPhone 1.1.2

Posted 1948 days ago - Security · Leave a Comment

Milworm has published a denial of service exploit for the Apple iPhone, 1.1.2. I've made the page available, so feel free to send your friends with iPhones to that page if you'd like to see 'em cry.

Continue reading Remote Denial of Service Exploit – Apple iPhone 1.1.2

Another Wordpress Plugin Vulnerability: WP-Forum 1.7.4

Posted 1953 days ago - Security, Wordpress · Leave a Comment

Milworm.com has released another Wordpress plugin vulnerability, this time it's WP-Forum 1.7.4. I'm no expert at deciphering exactly how exploits work, but this remote sql injection appears to grant the attacker administrative privileges. If you're using WP-Forum 1.7.4 or earlier on your Wordpress blog, uninstalling this vulnerable plugin is highly recommended.

Continue reading Another Wordpress Plugin Vulnerability: WP-Forum 1.7.4

Updates and a Happy New Year

Posted 1972 days ago - Off-topic · 2 Comments

A recently released Wordpress vulnerability proof of concept forced me to update Wordpress, and as a result, several plug-ins are now failing to work properly. I don't regret performing the update because not only were the security holes patched, but database queries were optimized.

Continue reading Updates and a Happy New Year

Leaked: Standard Operating Procedures for Camp Delta

Posted 2019 days ago - Politics · Leave a Comment

Camp Delta's manual outlining standard operating procedures was recently leaked on Wikileaks.org. A direct link to the leaked document is available here: http://www.wikileaks.org/wiki/Gitmo-sop.pdf. Dated March 28th, 2003, this 238 page document appears official. Guantánamo spokesman, Army Lt. Col. Ed Bush, openly claimed the Cuban based prison camps "have evolved significantly since 2003, prompting many SOP changes."

Continue reading Leaked: Standard Operating Procedures for Camp Delta

Old School DDoS Attacks – How Large Servers Got Pwned

Posted 2132 days ago - Debian, Security · 2 Comments
/* 

How Large Servers are Owned via DDoS 

written by perator 

*/

Every time you dial up to your ISP, your box is assigned an IP address. An IP address is a number (eg. 199.44.2.1) that identifies you on the internet. Every online computer has its own unless it's on a LAN (Local Area Network) in which case it might share an IP address with several computers linked to a HUB (A network device that links computers together to form a network).

By sending "fragmented" packets to someone's IP address, you can knock them offline, freeze, "blue screen" or even reboot someone's computer, depending on the packet header and the remote computer's tcp/ip stack's buffer. This is called a DoS Attack (Denial of Service attack). We are not going to do this, as little buffer overflows like those only work on windows based operating systems. Since we're usually dealing with Sun Sparc servers, routers, nodes, and Unix based systems, we're going to use utilities which turn 200gbps of bandwidth into 0kbps.

Continue reading Old School DDoS Attacks – How Large Servers Got Pwned

Computer Security Is A Myth – Learn To Appreciate Technology

Posted 2132 days ago - Security · Leave a Comment

Ken Thompson and Dennis Ritchie were the two responsible for developing UNIX while working for Bell Laboratory’s. With the advancement of phone technology in the early 1970’s, AT&T needed an operating system that would provide stable services for thousands of users at a time. Ritchie used a modified version of the Basic Combined Programming Language to develop UNIX, and later renamed his revision to simply, B. After several advancements and revisions during 1972, B became known as C. The major advantage C provided was the ability to port the operating system to other chipsets (UGA). This would allow functionality on almost any system architecture. Thirty years later, C is still widely used and accepted as a high end programming language.

Toward the end of the 1970’s, several copies of UNIX made there way to Universities, Government Labs, and average users. As a result of remaining Open Source, several worthy contributions come from people all over the world. Responses and support for the operating system lead small teams or groups of people to eventually develop their own varieties known as distributions. From this amazing system comes a torrent of distributions, each designed for a specific task or tasks. FreeBSD, Linux, OpenBSD, Irixx, Sparc, AIX, and even Macs contain their own unique properties, but get their roots from UNIX.

Continue reading Computer Security Is A Myth – Learn To Appreciate Technology

2 Pages: 1 2 »