
Archive



Foreword to the First Edition

For the past five years a silent but revolutionary shift in focus has been changing the information security industry and the hacking community alike. As people came to grips with technology and process to secure their networks and operating systems using firewalls, intrusion detection systems and host hardening techniques, the world started exposing its heart and soul on the Internet via a phenomenon called the World Wide Web. The web makes access to customers and prospects easier than was ever imaginable before. Sun, Microsoft and Oracle are betting their whole businesses on the web being the primary platform for commerce in the 21st century.

But it's akin to a building industry that's spent years developing sophisticated, strong doors and locks, only to wake up one morning and realize that glass is see-through, fragile and easily broken by the casual house burglar. As security companies and professionals have been busy helping organizations react to the network security concerns, little attention has been paid to applications at a time when they were the fastest and most widely adopted technology being deployed. When I started moderating the web application security mailing list at www.securityfocus.com two years ago, I think it is safe to say people were confused about the security dangers on the web. Much was being made about malicious mobile code and the dangers of web-based trojans. These parlor tricks on users were really trivial compared to the havoc being created by hackers attacking web applications. Airlines have been duped into selling transatlantic tickets for a few dollars, online vendors have exposed millions of customers' valid credit card details and hospitals have revealed patients' records, to name but a few. A web application attack can stop a business in its tracks with one click of the mouse.

Just as the original Hacking Exposed series revealed the techniques the bad guys were hiding behind, I am confident "Hacking Web Applications Exposed" will do the same for this critical technology. Its methodical approach and appropriate detail will both enlighten and educate, and should go a long way toward making the web a safer place in which to do business.

-- Mark Curphey, June 2002
Vice President, Foundstone Professional Services,
Former Chair of the Open Web Application Security Project


News Archive

12/21/05 - Google UTF-7 encoded cross-site scripting (XSS) vulnerabilities
Watchfire Corporation published an advisory concerning two cross-site scripting (XSS) vulnerabilities in google.com. The first exploits a URL redirection script, http://www.google.com/url?q=, and the second concerns Google's 404 NOT FOUND mechanism at http://www.google.com/NOTFOUND. Although Google blocks common XSS injection techniques, both URLs are vulnerable to UTF-7 encoded XSS exploits. Internet Explorer will automatically switch to UTF-7 encoding if it encounters UTF-7 encoded content in the first 4096 characters of an HTTP response whose character set is not declared. An example image tag encoded with UTF-7 is as follows: +ADw-img src+AD0AIg-javascript:alert('Vulnerable')+ADsAIgA+-
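The lesson for defenders in the item above is that a filter scanning raw input for angle brackets never sees the markup hidden in a UTF-7 shift sequence, so input must be canonicalised before filtering and the response charset must be pinned so the browser has nothing to sniff. The following is an added example (not from the advisory or from Watchfire): it decodes the sample string quoted above with Python's standard utf-7 codec, flags input whose UTF-7 interpretation introduces markup characters, and contrasts a raw-byte filter with one that checks the decoded form as well.

```python
"""Canonicalise UTF-7 input before applying markup filters (added example)."""
import re

# Constructed sample: the UTF-7 encoded image tag quoted in the news item above.
SAMPLE_UTF7 = "+ADw-img src+AD0AIg-javascript:alert('Vulnerable')+ADsAIgA+-"

# Characters an HTML-injection filter cares about.
MARKUP_CHARS = set('<>"\'')

# A '+' followed by modified-base64 and an optional '-' terminator (RFC 2152).
UTF7_SHIFT = re.compile(r"\+[A-Za-z0-9+/]*-?")


def decode_utf7(text: str) -> str:
    """Return the UTF-7 interpretation of an ASCII string, or the input
    unchanged when it is not valid UTF-7, so callers can still compare."""
    try:
        return text.encode("ascii").decode("utf-7")
    except (UnicodeEncodeError, UnicodeDecodeError):
        return text


def hides_markup(text: str) -> bool:
    """True when UTF-7 decoding introduces markup characters that a filter
    looking only at the raw string would never have seen."""
    if not UTF7_SHIFT.search(text):
        return False
    raw = set(text) & MARKUP_CHARS
    decoded = set(decode_utf7(text)) & MARKUP_CHARS
    return bool(decoded - raw)


def naive_filter_blocks(text: str) -> bool:
    """A filter of the kind the advisory describes as bypassed: it rejects
    angle brackets in the raw string only."""
    return "<" in text or ">" in text


def hardened_filter_blocks(text: str) -> bool:
    """Same rule, applied to the raw string and to its UTF-7 interpretation,
    the character set the browser might actually choose."""
    return naive_filter_blocks(text) or naive_filter_blocks(decode_utf7(text))


def response_headers() -> dict:
    """An explicit charset on every HTML response leaves the browser nothing
    to auto-detect, which is the server-side fix for charset sniffing."""
    return {"Content-Type": "text/html; charset=utf-8"}
```

Run `decode_utf7(SAMPLE_UTF7)` to see the plain `<img>` tag the filter missed; `hides_markup` is the check to place in front of any reflection of user input.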

11/08/05 - "Lupper/Plupii" PHP worm spreading widely
The worm exploits three vulnerabilities: the XML-RPC for PHP Remote Code Injection vulnerability; AWStats Rawlog Plugin Logfile Parameter Input Validation vulnerability; and Darryl Burgdorf's Webhints Remote Command Execution vulnerability, according to Symantec (who calls it "Plupii"). McAfee, who calls it "Lupper," says it has received reports of remote control back doors being delivered via worm infection. The firms rate the worm as "medium" and "low" risk, but Zone-H reports of compromised Linux sites spiked considerably in the last 2-3 days, according to readers.

6/24/02 - HE Web Apps makes "Product of the Week" on Sunbelt.com!
As always, hats off to Stu Sjouwerman's class W2K security newsletter.

6/21/02 - Hacking Exposed Web Apps published!
It's official as of June 21, 2002. See our Products page to get your copy.

Copyright © 2006. All Rights Reserved. Designed by HTMLfx