Just a quick tip for anyone doing a code review of a Java EE web application: LAPSE+ is a very useful tool to have in the arsenal, whether you’ve got the original source or just the JAR/WAR file. In my case, the client provided me with a single .WAR file which contained the application. As… Read More Pentesting Java EE web applications with LAPSE+
I was dubious at first, but I really have grown to like Redis. It’s a wonderfully simple solution to the problem of high-performance fast-changing data storage. However, its simplicity (combined with the incompetency of certain users) can easily become a detriment to security. The Redis protocol is a simple plain-text mechanism, offering no transport layer… Read More Redis security
OK, so maybe not everyone. But, for the most part, people are doing MySQL queries wrong in their PHP code. What’s even scarier is that 90% of PHP tutorials I read teach it wrong, too. Here’s why: the mysql_ functions are to be deprecated in future and have been advised against by the PHP developers. Concatenating query… Read More MySQL in PHP – Everyone is doing it wrong
SQL injection vulnerabilities account for the majority of security holes that end up resulting in a website being hacked. One of the most popular automated SQL injection tools in existence is Havij, which is especially popular because of its simplicity. Using it is pretty much a case of pointing it at a vulnerable URL and… Read More Blocking automated SQL injection
Major forums such as vBulletin and Invision Power Board have recently altered a lot of their codebase to require a security token, fixing their previous vulnerability to XSRF (Cross-Site Request Forgery). Unfortunately, phpBB seems to be lagging behind a little and has not yet added this feature. To test, I set up phpBB… Read More XSRF in phpBB, and probably a lot of other CMS software.