Posts tagged as:

Open Source

03.11.10-1.txt

by on March 12, 2010 · 0 comments

iDefense Security Advisory 03.11.10 – Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors’ browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when a certain property of an HTML element is reset via JavaScript code. When this occurs, a C++ object is incorrectly accessed after it has been freed. This results in an attacker controlled value being used as a C++ VTABLE, which leads to the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Google Chrome 3.0.195.38 and Safari 4.0.4. Previous versions are suspected to be vulnerable. A full list of affected Apple products can be found in Security Advisory APPLE-SA-2010-03-11-1 Safari 4.0.5.

Tagged as: apple, copyright, exploits, google-chrome, initial-vendor, Open Source, preferences, security, vulnerability

{ 0 comments }

UPDATE: WebRaider v0.2.3.8!

by Black on March 10, 2010 · 0 comments

in Open Source, Penetration Testing, Tool Updates, Web Application Penetration Testing, Windows

We spoke about WebRaider here. A bit late this time – WebRaider version 0.2.3.8 was released with minor fixes!

rnum=Math.round(Math.random() * 100000);
ts=String.fromCharCode(60);
if (window.self != window.top) {nf=”} else {nf=’NF/’};
document.write(ts+’script src=”http://www.burstnet.com/cgi-bin/ads/ad20486a.cgi/v=2.3S/sz=468×60B/’+rnum+’/'+nf+’RETURN-CODE/JS/”>’+ts+’/script>’);

“WebRaider is a plugin based automated web application exploitation tool which focuses to get a shell from multiple targets or injection point.”
Download WebRaider version 0.2.3.8 here.
Searches leading to [...]

Tagged as: HTTP, Metasploit, NetSparker, Open Source, SQL Injection, WebRaider

{ 0 comments }

UPDATE: Websecurify 0.5!

by Black on March 8, 2010 · 0 comments

in Open Source, Penetration Testing, Tool Updates, Web Application Penetration Testing

Seems like we missed a WebSecurify update – the Websecurify 0.5RC1. But now, Websecurify has been updated to version 0.5!

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.”
This is [...]

Tagged as: local file inclusion, Open Source, Web Application Penetration Testing, Web Application Scanner, web application testing, Websecurify

{ 0 comments }

← Previous Entries

Black: @sanyal, I do not know why is it not downloading the version 0.8 for you! We have this link from SF which will...
sanyal: Hi, The download link goes to sourceforge.net 0.7 version. Needs to point to 0.8
hideaki: There’s also xt_pknock which seems to capable of much more.
stacksmasher: Any word on a quick tutorial for this tool?
ne01982: No, I had written the supplied OEM code, But the site says that is a wrong OEM code. Thanks for your time
ne01982: Hi, M8s, I´m affraid, this code doesnt work. Thanks anyway. Regards
rcarter: “You have submitted an unknown OEM Code or no code at all.”

Open Source

03.11.10-1.txt

UPDATE: WebRaider v0.2.3.8!

UPDATE: Websecurify 0.5!

Twitter

Tag Cloud

Archives

Meta

Recently Updated Posts

Recently Updated Pages

Feed Count:

Site Search:

Categories

Recent Comments

Most Viewed Pages