hacking

How is a website hacked by a "maliciously encoded image that contained a PHP script hidden inside it"?

My ad server has been hacked over the weekend. It seems to be a widespread problem, according to this article. There is something in there that got me thinking... Attackers used one attack to get login rights to his server, and then uploaded a maliciously encoded image that contained a PHP script hidden inside it, he said. ...

What are the risks of cross domain JSONP communication?

In our web application we have run into the situation where we need to do cross-domain AJAX calls from one domain we fully control to another domain we fully control. I've been surfing around for the best solution and the two that come to mind are a local file proxy (local file using php::fopen) or jQuery/JSONP. When I look up online ...

ASP.NET site getting hacked - links appended to aspx files

A friend is asking about their ASP.NET site that has been getting hacked. It's on a hosted server - cheapo hosting. I haven't seen it myself just yet, but I'm hoping for ideas on where to look once I do. The symptoms reported are that links, some mangled, are appearing appended to the .ASPX file (aspx/html on the disk). Before I lear...

How to defend against hacking if a user submits XML

I have a feature where users can submit pure XML in a form. When my server gets the response I will validate it against an XML schema then I store it in the database. I never show the XML on a webpage unless it is in a form for editing. I use the XML to render HTML forms or text in a webpage and I will encode the text and never show the a...

Crazy question about website landing

Is it possible for a crook to redirect website site/landing to your domain to elsewhere? Say, a visitor's intended website is knowledgenotebook.com, but the crook redirected the user to google.com or yahoo.com or anything else? And doing so randomly, so it can try to avoid detection... Thanks. ...

PHP session id problem

Is it safe to use the built in session creator in PHP? My worry is that someone could hijack the token cookie on another person's machine, and set theirs to exactly the same, therefore tricking the server into thinking that they're the same person. Is there protection (e.g. IP checks) to stop this or should I be using something more secu...

For business, which OS is more secure: Windows 7 or OSX 10.6?

I've seen the outcomes of certain hacking competitions yield varied results and the argument over which OS is currently more secure has never seemed to go beyond an anecdotal level. I currently split my development (PHP, MySQL web applications which handle sensitive transcript information, among others) 50% between OSX Snow Leopard and ...

Hacked, what does this piece of code do?

WARNING: This is a possible exploit. Do not run directly on your server if you're not sure what to do with this. http://pastehtml.com/view/1b1m2r6.txt I believe this was uploaded via an insecure upload script. How do I decode and uncompress this code? Running it in the browser might execute it as a shell script, open up a port or somet...

Migrating to clean cpanel from a hacked server

Hello, I am about to start migrating sites to a clean install of cpanel. I do not have any backup files from the old hacked server but I do have access to the old hard drive. It is mounted on the new server as a drive. I have found articles such as http://linuxstuffs.wordpress.com/2008/08/31/directory-structure-of-cpanel/ and http:...

Oracle padding exploit - how does it download the web.config?

I know there are already a few questions on SO about the oracle padding exploit but none of them explain how it downloads the web.config. I run a couple of ASP.NET apps which I have already tested using Microsoft recommended mitigation factors but I'm still scared that people will be able to get the web.config. Can someone please expl...

How to get Mario Kart Wii scoreboard points after race into database

I don't think this is even possible, but maybe I'm missing something. A group of us play Mario Kart Wii in the office. We don't play online, just a couple races. We often have tournaments where we play multiple sets of races over a couple of weeks and then combine the scores at the end. Instead of writing the final points down after ...

Does using preparedStatement mean there will not be any SQL Injection?

I have read that to prevent SQL Injection one must use PreparedStatement. Does that mean if I am using PreparedStatement then no one can perform SQL Injection in any of my pages? Is it foolproof against SQL Injection? If not then please give some example to demonstrate this. ...

Need help with this XSS attack

Does anybody know more information about this attack? I recently got this script injected in my web sites. By the way, don't go on this web site since it's the source of the infection </title><script src=http://google-stats50.**fo/***.php> What kind of attack is it, SQL or CODE? By the way, don't go on this web site since it's the ...

Is the ASP.NET cryptographic vulnerability work around a BIG LIE?

This question is somewhat of a follow up to How serious is this new ASP.NET security vulnerability and how can I workaround it? So if my question seems to be broken read over this question and its accepted solution first and then take that into the context of my question. Can someone explain why returning the same error page and same st...

Http Session is common after recreation of session

Hi, I have one issue related to session id. In my application I am removing all session attributes and invalidating the session, then recreate the new session and assign old values, but in this scenario always gives the same session id. The reason for doing this is that session hijack they get the old session id and hack the applicatio...

Destiney Rated Images Script template's section comment

I'm hacking this script in order to suit it to my needs... To be clearer the script is this: http://destiney.com/php#Destiney_rated_images it was recommended to me by a stackoverflow user... Thanks. Yesterday I was working on it and I don't know how, using Chrome's developer tools I saw that in the html code there were the beginning and ...

Unpatched Linux Kernel Vulnerabilities

I recently found out that there are several vulnerabilities in the Linux kernel that allow for privilege escalation, that have not been patched yet in the major distributions, and have public exploits on the usual sources. For example, I could get root on any of my completely up to date Ubuntu 10.04 systems using this very simple exploit....

My web site database is hacked.

My website has been attacked by some malicious script / title script src = http : // google-stats46.info/ur.php . This script is appended to any column(s) of some table automatically. I have removed this script. But after a few hours, it re-appeared in some tables. But this time it is / title script src = http : // google-stats45.inf...

How is this PHP authentication function hackable?

This is a recursive function I wrote to determine whether or not a given user is authorized to view content on a page. It is called in essentially the following fashion:

    if (authorize($_SESSION['user']['user_id'], $necessaryClearance)) {
        // Output restricted content
    } else {
        // Inform user they are not authorized
    }

Every user has ...

Use XSS on a site, Dynamically

Hi, I'm trying to find out if it's possible to check sites to be vulnerable to XSS dynamically, by using PHP. Are there solutions for this? Or is it just impossible and should it be done by hand? Kevin ...