exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 55 of 55 RSS Feed

Files

sql_injection_walkthrough.txt
Posted May 23, 2002
Authored by sk | Site scan-associates.net

SQL Injection Walkthrough - SQL injection attacks web applications by submitting raw SQL queries as input. Includes what to look for, how to test if a page is vulnerable, how to execute commands remotely, how to see the output of your SQL query, how to get data from the database using ODBC error messages, how to update/insert data into the database, and how to avoid SQL Injection.

tags | paper, web, sql injection
SHA-256 | ced0750fc6f0dfd8830e55f1c3c127b377e1c9c68ad6037544ff0d4fc23fcfb7
web.headers.txt
Posted Jan 22, 2002
Authored by Zenomorph | Site cgisecurity.com

Header Based Exploitation - Web Statistical Software Threats. When people visit your website, certain information is passed from the users web browser to your web server/script. This information contains data such as what browser they are using, the last site visited, the file they requested, and other information. This paper was written to help you understand how an attacker can use these information fields to exploit your web statistics software. Includes info on SSI Tag Insertion, HTML Insertion, and more.

tags | paper, web
SHA-256 | 28d2fa4685980f28f5b718d00024231d08243ee32e0bb94551324cd39274d5aa
Secure-Web-Development.pdf
Posted Jul 25, 2000
Authored by Razvan Peteanu

Best Practices for Secure Web Development is intended as a guideline for developing secure web based applications. Includes basic web security practices, cross-site scripting, PKI, code review, and more.

tags | paper, web, xss
SHA-256 | 7c1777b2da1020b5231acda0e2c833637f7afda2f1a49469e972503425b1bc6c
Directory-URL.prediction.doc
Posted Jul 15, 2000
Authored by Revelation D'Soul

Directory and URL Prediction Vulnerabilities - Many websites, most notably adult-related websites offering pictures and files, leave their data open for others to see. These vulnerabilities often go undetected. This, of course may not be an issue to some, but many of these websites obtain their revenue through their sponsors, banners and membership fees. These types of vulnerabilities bypass sponsors, banners, membership sign-in areas, and most adult verification systems. For lack of better wording I have titled these types of vulnerabilities "Directory and URL Prediction". In reality, this is what it comes down to. There are many methods of exploiting these vulnerabilities, and only a few will be covered in this document. Please keep in mind that the effectiveness of these tactics depends heavily on the ineffectiveness of the website's security and design layout. I know some of you may have known these for years, but many have not. These vulnerabilities still exist today on the Internet.

tags | paper, web, vulnerability
SHA-256 | d8ef59420a33e0a2d9f221128fa959272146d784f7508d8012ab1e9d158382ad
cookleak.htm
Posted Dec 9, 1999
Authored by Richard Smith | Site tiac.net

Since the invention of Web browser cookies by Netscape, the claim has always been made that they are anonymous and cannot be associated with any personal information unless someone provides this information. In this write-up, I will present a technique in which browser cookies can be matched to Email addresses without people's knowledge. The technique relies on a security hole that is present in both Microsoft's Internet Explorer browser and Netscape's Navigator browser. This technique can be used, for example, to allow a banner ad company to associate an Email address with a "anonymous" profile that has been created for a person as they surf the Web.

tags | paper, web
SHA-256 | 47f14da3aa9f1689692f108845fad8b6b3d627c6b65c81714e5d0d58b19318f8
Page 3 of 3
Back123Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close