* You are viewing Posts Tagged ‘Security’

“Write anywhere” vulnerability in Parallels Confixx

A proof of concept of a vulnerability in Parallels Confixx 3.3.9 (latest and final version) allowing an attacker to gain full write access (as root) to a UNIX server operating said hosting software.

Continue Reading

Worst “trojan” ever

While idly browsing pastebin (yes, sometimes I do that), I found something interesting. It’s some mildly obfuscated PHP scripted malware. Curious what it might do, I started reverse engineering it and found what must be the worst coded trojan ever.

Continue Reading

Apache Range header vulnerability script

I wrote an upgraded variant of the Apache killer script propagated on Full Disclosure capable of HTTPS requests. Also, other than its descendant, it can follow a server’s initial response for redirection which the original script interprets as the server not being vulnerable.

Script is available here: Apache Vulnerability Check (2358)

This script merely checks for vulnarabilities but will not exploit them.

SSH authentication using a client certificate

Strong passwords are a necessity when it comes to securing almost anything. This article shows how you can go that extra mile to securing access to an OpenSSH enabled server using not passwords but by flashing a badge… Continue Reading

Why HTTP_HOST is evil

When browsing Stackoverflow I often notice users asking questions somehow involving the use of HTTP_HOST. I nonchalantly hint on its vulnerable nature and fail to produce a hint on an article explaining why. Which is why I decided to take matters into my own hands.

Continue Reading