A recent post on “Full-Disclosure” mailing list referenced a web page called “Session Destroyer”. This web page is a demonstration by Kristian Erik Hermansen that promises to make logging off various popular websites very easy. How does it work? This static html page simply contains…
American Express website vulnerable… again!
A few days ago a Cross-site-scripting vulnerability was discovered and reported on the American Express Site. A XSS vulnerability can allow attackers to steal user authentication cookies from americanexpress.com, thus leading to an account hijack. As web-security consultant Joshua D.Abraham said, web developers addressed only…
Why upgrade PHP to 5.2.8? Part 2
To read part 1 of this article please refer to the previous post. Note: a large number of vulnerabilities described in this post can be exploited to bypass safe_mode. It is not recommended to rely on this PHP functionality for the security of your web…
Why upgrade PHP to 5.2.8? Part 1
Note: PHP 5.2.7 is the actual version that fixes the below security holes. PHP 5.2.8 fixes an issue introduced in 5.2.7. Details from the PHP news site. A new version of the popular scripting language, PHP includes a couple of security fixes (taken from the…
URL Rewriting and AcuSensor Technology; automation and advantages
Note: This articles refers to an older version of Acunetix. Click here to download the latest version. Nowadays, a lot of web applications are using URL rewriting. URL rewriting involves converting normal URLs to search engine friendly URLs. Usually the reason for doing this is…
Two factor authentication and Web Application Security
A few days ago PayPal announced that they will be supporting Mobile Access for the PayPal Security Key. This means that to log into their accounts, PayPal users receive a 6 digit security code via a text message. This feature obviously adds an extra layer…
AcuSensor Technology in action; finding backdoors in web applications
On March 2, 2007 the following was posted on the WordPress blog: Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your…
How XSS can lead to a Windows Domain compromise
Many times internal web applications are excluded from the scrutinity that external ones are subjected to. It is often assumed that attackers are on the external side of the network and therefore do not have access to any internal resources. In turn this usually leads…
SQL Injection in Mambo found with Acunetix AcuSensor Technology
This post shows how with Acunetix AcuSensor Technology improves scanning reliability by using sensors placed inside the web application being scanned. It also proves that with this technology, one can detect SQL injections in INSERT statements. Such vulnerabilities cannot be found using a typical web…