Rants on code, security, randomness and games
A proof of concept of a vulnerability in Parallels Confixx 3.3.9 (latest and final version) allowing an attacker to gain full write access (as root) to a UNIX server operating said hosting software.
While idly browsing [pastebin][1] (yes, sometimes I do that), I found [something interesting][2]. It’s some mildly obfuscated PHP scripted malware. Curious what it might do, I started reverse engineering it and found what must be the *worst coded trojan **ever.***
[1]: http://pastebin.com/
[2]: http://pastebin.com/7HU17uqA
I wrote an upgraded variant of the Apache killer script propagated on [Full Disclosure][1] capable of HTTPS requests. Also, other than its descendant, it can follow a server’s initial response for redirection which the original script interprets as the server not being vulnerable.
Script is available here: [Download not found]
*This script merely __checks__ for vulnarabilities but will __not__ exploit them.*
[1]: http://seclists.org/fulldisclosure/2011/Aug/175
When browsing [Stackoverflow][so] I often notice users [asking questions][so-q] somehow involving the use of `HTTP_HOST`. I nonchalantly hint on its vulnerable nature and fail to produce a hint on an article explaining why. Which is why I decided to take matters into my own hands.
[so]: http://stackoverflow.com/
[so-q]: http://stackoverflow.com/questions/4652464/how-to-chain-on-mod-rewrite