HackDig : Dig high-quality web security articles for hacker

Activity wrap-up including polyglots, RIPS, UploadScanner and Java fuzzing

A tweet of takesako including a C/C++/Perl/Ruby/Python polyglot got me interested, so I created two follow-up polyglots based on his work and put them on github. Recently I also evaluated the RIPS PHP scanner and I did that with some randomly chosen WordPress plugins. Afterwards I manually looked at the code of the plugins, to see if the scanner missed anyth
Publish At:2019-09-19 18:20 | Read:515 | Comments:0 | Tags:Various area41 Java security manager Java security policy PH

Deobfuscating PHPJiami

I was sent a PHP script that was protected by PHPJiami which you can find here. PHPJiami is a decent PHP obfuscator that appears to be able to bypass several online deobfuscators. Here’s what the script looks like: When you run it, you can see what the protected script does. At the top there’s a comments section. Let me change the uppercase
Publish At:2017-10-31 23:00 | Read:3742 | Comments:0 | Tags:Malscript deobfuscation php phpjiami

Critical RCE vulnerabilities affect SwiftMailer, PhpMailer and ZendMail

The security expert Dawid Golunski from Legal Hackers has reported critical RCE flaws in the popular PHP libraries SwiftMailer, PhpMailer and ZendMail. Recently the security expert Dawid Golunski from Legal Hackers has reported a critical RCE vulnerability, tracked as CVE-2016-10033, in one of the popular open source PHP libraries, PHPMailer. The critica
Publish At:2017-01-03 16:15 | Read:4166 | Comments:0 | Tags:Breaking News Hacking CVE-2016-10033 CVE-2016-10034 CVE-2016

Ninety-Five Percent of Webshell Attacks Written in PHP

There’s nothing inherently malicious about a webshell, which is a script that can be uploaded to a web server to enable remote administration of the machine. In the hands of an attacker, however, they are a serious cyberthreat. Advanced persistent threat (APT) groups often use webshells to breach organizations. Webshell Attacks Surging Earlier this yea
Publish At:2016-11-19 23:00 | Read:6409 | Comments:0 | Tags:Vulns / Threats Advanced Persistent Threat (APT) IBM Managed

IBM warns a spike in the number of PHP C99 Webshell Attacks

IBM Security has warned the WordPress community about a spike in the number of attacks leveraging a specific variant of the PHP C99 Webshell. Security experts at IBM reported a spike in the number of cyber attacks pushing a variant of the popular C99 webshell in February and March, a 45 percent increase compared to the previous period. The C99 variant used i
Publish At:2016-04-19 19:20 | Read:3598 | Comments:0 | Tags:Breaking News Cyber Crime Hacking backdoor C99 Webshell CMS

Script Deobfuscator Released

The purpose of this tool is to help you perform static analysis on obfuscated scripts. It’s often easier to dynamically analyze scripts but there are times when you just don’t know where to start or you just want a high-level view of what’s going on with the script. This tool may be able to help you. I already wrote a tool called PHP Scr
Publish At:2016-02-15 18:05 | Read:3911 | Comments:0 | Tags:Malscript Tools deobfuscation javascript php script deobfusc

Weevely 3 – Weaponized PHP Web Shell

Weevely is a command line weaponized PHP web shell dynamically extended over the network at runtime and is designed for remote administration and pen testing. It provides a telnet-like console through a PHP script running on the target, even in restricted environments. The low footprint agent and over 30 modules shape an extensible framework to administrate,
Publish At:2015-09-18 18:40 | Read:4404 | Comments:0 | Tags:Hacking Tools Web Hacking command line web shell extensible

New Debian Releases Fix PHP, VirtualBox Bugs

The maintainers of Debian have released new versions of the operating system to fix several vulnerabilities, including a number of bugs in PHP and an unspecified flaw in Oracle’s VirtualBox application. There are new versions of the stable and oldstable releases of Debian available, which fix the security vulnerabilities. Among the patches is one for th
Publish At:2015-09-14 16:25 | Read:3000 | Comments:0 | Tags:Vulnerabilities Web Security Debian PHP vulnerabilities Web

Disclosed critical vulnerabilities affecting the PHP file Manager

PHP File Manager was affected by several critical vulnerabilities for nearly 5 years, according to the security consultant Sijmen Ruwhof. In July 2010 Ruwhof was looking for a web-based file manager that he could use on his own web server when he came across PHP File Manager. At the time, he found out that the product had
Publish At:2015-07-29 20:45 | Read:3282 | Comments:0 | Tags:Breaking News Hacking backdoor PHP PHP File Manager

New PHP Releases Fix BACKRONYM MySQL Flaw

Several new versions of PHP have been released, all of which contain a number of bug fixes, most notably a patch for the so-called BACKRONYM vulnerability in MySQL. That bug in MySQL is caused by a problem with the way that the database software handles requests for secure connections. Researchers at Duo Security disclosed the vulnerability back in April afte
Publish At:2015-07-13 20:40 | Read:2512 | Comments:0 | Tags:Vulnerabilities Web Security MySQL PHP vulnerabilities Web s

Hacker Behind Plex Breach Demands 9.5 BTC in Ransom

A hacker is demanding 9.5 BTC in return for not publicly releasing user data stolen from Plex, an application that allows users to organize media files and stream them to their computer screens. On July 1st, the application sent out email notifications to those affected by the hack: “Sadly, we became aware this afternoon that the server which hosts our f
Publish At:2015-07-03 19:10 | Read:3866 | Comments:0 | Tags:Latest Security News breach Hacker PHP Plex

Seagate Confirms NAS Zero Day, Won’t Patch Until May

Seagate, over the weekend, confirmed the zero-day vulnerability in its Seagate Business Storage 2-Bay NAS boxes disclosed March 1. But in the same breath, it told customers exposed to the vulnerability that a patch is still two months away. “For those customers who choose to keep their networks open, Seagate will be issuing a software patch for download ex
Publish At:2015-03-10 00:50 | Read:4066 | Comments:0 | Tags:Vulnerabilities Web Security Beyond Binary Codeigniter Light

WordPress and the GHOST Vulnerability

On Jan. 27, Qualys released a security advisory for what it termed the “GHOST” vulnerability. This was a few hours after the vulnerability was mistakenly leaked by a public relations agency on a French mailing list, possibly forcing the company’s hand to release the advisory before it had planned to. The vulnerability is a buffer overflow v
Publish At:2015-03-06 16:20 | Read:4199 | Comments:0 | Tags:Application Security Software & App Vulnerabilities Cyberatt

Seagate Business NAS Firmware Vulnerabilities Disclosed

Firmware running on certain Seagate network-attached storage devices that are popular with small businesses and home offices is vulnerable to remote attacks. Researchers at Beyond Binary, a security consulting firm in Australia, on Sunday went public with their disclosure after a nearly five-month back-and-forth with Seagate engineers which has yet to resul
Publish At:2015-03-02 17:20 | Read:3096 | Comments:0 | Tags:Featured Vulnerabilities Web Security Beyond Binary Codeigni

Enterprise Apps in Scope of Ghost glibc Vulnerability

What drove IT admins crazy about the Bash vulnerability was that it was difficult to determine—and patch—everything that was making a Bash call. It was everywhere. Apparently, some of that angst applies to the Ghost vulnerability in the GNU C library, known as glibc. At first, experts believed the bug, which was related to gethostbyname function calls, was co
Publish At:2015-02-08 10:20 | Read:3300 | Comments:0 | Tags:Vulnerabilities Web Security Bash Chris Wysopal enterprise a
