Archive for December, 2007

security advisory: Plogger Photo Gallery SQL Injection

Wednesday, December 19th, 2007

Plogger is an open source PHP photo gallery with over two years of development and more than 50,000 downloads. The Plogger web site (http://www.plogger.org) describes the application as a fully featured photo sharing package with an attractive and easy to use administrative interface.

It was found that insufficient validation was applied to the input parameters of the script that generates Plogger's RSS feeds. As a result, SQL code could be injected into Plogger database queries (read the security advisory: mirror #1, mirror #2).

update: this vulnerability has been assigned the following CVE number: CVE-2007-6587.

ruby workshop: the way of the Qt samurai

Monday, December 17th, 2007

As a side result of my work with dradis during the last months, I've been working on some technical sessions that will be grouped in what could be called a "ruby workshop". The first of these sessions is on ruby + Qt programming and is available now.

  • Slides can be found here.
  • Source and examples: here.

xmitm: xml man in the middle

Sunday, December 16th, 2007

This post is a result of ideas and tools developed during the review of client-side applications that use the XMPP protocol to communicate with a server (opening a raw socket, not using HTTP as a transport).

The only way we could think of to get our hands on the communication was to write a small set of scripts to trick the client and encapsulate the communication inside HTTP requests that we could then manipulate using standard proxy tools such as Burp.

Although the information and scripts described in this post are focused on intercepting an XML communication, the same principles apply to a man in the middle of any ASCII protocol such as SMTP, FTP or POP.

update: slides available here

howto resize an ext3 partition without losing data

Friday, December 14th, 2007

This has not been the first time I have tried, but it has been the first time it has worked. And the best part: no Partition Magic or (qt)parted is needed, just plain old tune2fs, resize2fs and fdisk (read the man pages and back up everything, as usual).

dradis

Tuesday, December 11th, 2007

dradis is a tool for sharing information during a pentest. If you are part of a team of testers working against the same set of targets, you will need to communicate with each other. The more efficient this communication is, the better your chances of a successful breach.