hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
JeiAr
Sep 18 2004, 01:55 PM
I wrote this last night. It is my first ever article. If people like it I may start writing articles more regularly smile.gif Constructive criticism welcome.

http://www.gulftech.org/?node=article&arti...=00050-09182004

Please note that the eBay and HBO vulns do not work anymore, as i released the LiveWorld advisory a while ago so they have been patched. The others do work though wink.gif
niko
Sep 19 2004, 05:42 AM
nice article !

Yes, you should always filter heavily any user input that gets reflected back to the user...these developers should be testing it every time they add a new variable.

-niko
JeiAr
Sep 19 2004, 04:37 PM
Thanks very much niko smile.gif

And yes, I agree. I just sent this to BugTraq, so maybe some of the developers can learn from their mistakes. I hope they do because as I wrote in my BugTraq post:

QUOTE

I am a user of Amazon, Monster, CareerBuilder, CNN and eBay, so I am at risk just like anyone else.
Faceless Master
Sep 19 2004, 05:23 PM
Its real good..
Keep up the good work smile.gif
!~Regards
FM
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.