Oct 20

Everyone's seen the following in almost every SQL injection tutorial on the planet:

UNION ALL SELECT 0,0,0,0,0 FROM users

This is the standard method of SQL injection: slide in a UNION statement to join two SELECT statements together and thus pull out the data you're looking for. This is fun, but it often produces ugly and hard-to-interpret results.

Oct 10

First off, I want to stress that the idea of an XSS fuzzer in Greasemonkey is not my own unique idea - I saw WhiteAcid's XSS Assistant a few months ago and played with it a little bit with some success. However, his is very different from mine, mainly in that it is far more detailed and pretty than mine is. Well, I liked the concept of this XSS fuzzer, but I wanted to change how it worked.

Sep 12

pdp from gnucitizen has released an exploit for Firefox with QuickTime that allows remote command execution. Watch what you click ;)

Jul 28

Though I'm sure most site admins can figure this out, it is amazing how easy it is to find XSS bugs in closed-source software using nothing but Google and old-fashioned brute stupidity.

Jul 25

If you use the LiteSpeed HTTP server, you may not be aware of an XSS bug that exists in the core files, namely the directory listing script located in /_autoindex/default.php. The script echoes the request path back into the listing page without escaping it, so an example attack would be:

_autoindex/default.php/<script>alert(1)</script>

To patch this, just add this on line 346:

$uri = htmlentities($uri); // escape the request path before it is written into the listing HTML

Bam.
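To show what that one-line patch is doing, here is an added example (not LiteSpeed's code, and not from the original post) of a minimal directory-listing handler in its vulnerable and hardened forms. The function names, the sample directory entries and the request path are constructed for illustration; the payload in the path is the same one quoted above.

```php
<?php
// Added example, not LiteSpeed's own autoindex code. It mimics a listing
// page that reflects the request path (PATH_INFO) into its HTML.

// Vulnerable form: the path and entry names are interpolated into HTML
// untouched, so any markup in the request path lands in the page as live HTML.
function render_listing_vulnerable(string $uri, array $entries): string {
    $html = "<h1>Index of $uri</h1>\n<ul>\n";
    foreach ($entries as $name) {
        $html .= "  <li><a href=\"$uri/$name\">$name</a></li>\n";
    }
    return $html . "</ul>\n";
}

// Hardened form: every untrusted value passes through htmlentities() before
// it is written into the document. ENT_QUOTES also covers attribute values,
// and an explicit charset keeps the encoding unambiguous.
function h(string $value): string {
    return htmlentities($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function render_listing_safe(string $uri, array $entries): string {
    $html = "<h1>Index of " . h($uri) . "</h1>\n<ul>\n";
    foreach ($entries as $name) {
        // Entry names come from the filesystem and are untrusted too; the href
        // gets URL encoding, the visible text gets HTML encoding.
        $html .= '  <li><a href="' . h($uri) . '/' . rawurlencode($name) . '">'
               . h($name) . "</a></li>\n";
    }
    return $html . "</ul>\n";
}

// Constructed request path carrying the payload from the advisory above,
// plus a constructed entry name that contains markup.
$uri     = '/_autoindex/default.php/<script>alert(1)</script>';
$entries = ['readme.txt', 'notes<b>.txt'];

echo "--- vulnerable ---\n", render_listing_vulnerable($uri, $entries);
echo "--- hardened ---\n",   render_listing_safe($uri, $entries);
// In the hardened output the path is rendered as
// &lt;script&gt;alert(1)&lt;/script&gt; and is shown as text, not executed.
```

The point of escaping at the output site rather than filtering the input is that the listing page stays correct for paths and file names that legitimately contain < or &; they are displayed, just never interpreted as markup.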