 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 600
 Members: 0
 Total: 600
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
|
| I personally do not know of any program like this. Whenever I try to follow a function I just grep for the function names and manually read the code. Sometimes I even come across other issues while do ... |
|
|
|
|
| The headers sent by this exploit script are not RFC compliant and confuse virtualhosts. That is why the LWP versions work (LWP Builds the headers for you) and this one does not. |
|
|
|
|
Also, this is a great read for anyone wanting to lock down thier newly installed MSSQL Server 
http://www.securitymap.net/sdm/docs/windows/mssql-checklist.html |
|
|
|
|
Well, if you really want help you should give us more details. Also, some servers will disable the type of functionality you are trying to use  |
|
|
|
|
| Too bad some kiddie defaced his server, but he did get 10 CPE credits towards his CISSP for writing that paper |
|
|
|
|
lol. That is hilarious. Thanks for the link!  |
|
|
|
|
Well, I did like that one advisory that was the result of "auditing" an application coded in .asp and the suggested fix was to use htmlspecialchars() and addlsashes()  |
|
|
|
|
1) Putting any non integer based value that doesn't return a record will result in the blank profile.
2) The regex issue in highlight is more of a bug than a security issue. I could be wrong, but I ... |
|
|
|
|
This issue was reported to the developers a long time ago. Go here to see the details and the response sent from the lead developer.
Edit: Forgot to post the link. Been a long day setting up blaste ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
