The Cache: Technology Expert's Forum
 
*
Welcome, Guest. Please login or register. September 18, 2019, 08:08:42 PM

Login with username, password and session length


Pages: [1]
  Print  
Author Topic: Security talk  (Read 2797 times)
JasonD
Expert
****
Offline Offline

Posts: 100


View Profile
« on: October 04, 2007, 03:30:25 AM »

Seeing the Apache vuln thread I wondered if others are also interested in security talk ?

I am deeply into the "reverse engineering with a goal" method of thinking, and generally that goal is to get visitors to a site to do something for me. The biggest hurdle to this is normally the cross domain policies that are in force for Ajax style comms.

On that note, and to start discussions off, I wonder if any of you have played with the old (partially patched) mhtml: flaw in IE and if so your thoughts with it ?

Code:
mhtml:http://www.theregister.co.uk

Ask one of your IE using visitors to get that page for you Smiley

And to keep Perk scared, IPhones' and other Safari based browsers aren't much better !

Code:
http://www.businessinfo.co.uk/labs/SafariBetaZeroDay/safaribetazeroday.html
Logged
vsloathe
vim ftw!
Global Moderator
Lifer
*****
Offline Offline

Posts: 1669



View Profile
« Reply #1 on: October 04, 2007, 09:12:14 AM »

I think pretty much the best thing ever was when IE would execute code stored in images. I pretty much gave myself root to a shitload of boxes that day. Looking back, not very smart. At the time though, I thought it was rather clever, since the first thing I did was to implement some sneaky changes to the HOSTS file and a little DNS/ARP poisoning. You can probably fill in the blanks here as to how to make money with those methods.

Sorry, your mention of that mhtml vulnerability brought back some memories.

EDIT: Er...root...sorry - "admin" as windows calls it.
Logged

hai
perkiset
Olde World Hacker
Administrator
Lifer
*****
Offline Offline

Posts: 10096



View Profile
« Reply #2 on: October 04, 2007, 09:23:15 AM »

LOL @ JD - the iPhones do have some well documented potential vectors, but thus far you'd have to do some somewhat extraordinary things on both my side and their side to break in.

eWeek also had a pretty scathing article about the potentials for hacking, but their proclivities are well known: just today I got the article "Blackberry 8820 a Dream Device" right after I got the "iPhone is massive security risk" email. They're like the Republicans of technology  ROFLMAO

But I'm also good with discussions about security, provided we don't publicly cross any lines that would be unseemly. If there's something too edgy I'll place it ... "Up There" Wink

/p
Logged

It is now believed, that after having lived in one compound with 3 wives and never leaving the house for 5 years, Bin Laden called the U.S. Navy Seals himself.
JasonD
Expert
****
Offline Offline

Posts: 100


View Profile
« Reply #3 on: October 04, 2007, 09:35:08 AM »

The gig 89a image thing was wonderful Smiley

Perk - got ya
Logged
Pages: [1]
  Print  
 
Jump to:  

Perkiset's Place Home   Best of The Cache   phpMyIDE: MySQL Stored Procedures, Functions & Triggers
Politics @ Perkiset's   Pinkhat's Perspective   
cache
mart
coder
programmers
ajax
php
javascript
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks


Valid XHTML 1.0! Valid CSS!