Mario Heiderich

All necessary information about .mario can be found on his vcard.

Total surveillance made easy with VoIP phones

Remember the article about call jacking with the BT Home Hub? Here is something comparable but pretty new. Since Ronald and pdp had announced the router hacking challenge, I’ve decided to play around a little bit and as a result I’ve managed to find a rather interesting issue. Although not directly related to the router hacking contest, the results I’ve got were rather disturbing and made me get a totally new view on the VoIP phone security landscape. [...]

CSRF Demystified

Cross-Site Request Forgery has been all over the press recently since several major sites and web applications were plagued by exploits and uncovered vulnerabilities – including GMail, Google AdSense and many others. When talking to developers about CSRF, there is usually not much knowledge and there are a lot of misconceptions and FUD. Sometimes the term CSRF hasn’t even been heard of before. [...]

Tomorrow’s Trojan Peddlers

Some weeks ago I did play a little bit with various nopaste applications – you know, the tools that allow you to paste/host huge amounts of regular text, source code and other non-binary stuff. There are dozens of them out there and most of them provide no ACL whatsoever. So anyone can see the text you’ve pasted. Pasting new data happens in a matter of seconds due to the very plain interfaces these sites implement. [...]

Snippets of defense Pt.IV

This article is part of a series of posts about small and easy to understand code fragments you can use on your site for protection against certain kinds of attacks. Also this series is targeted to help you understand better what tricks are used by attackers to break into your site and how to avert them. If you have a Snippet of defense yourself and you want to share it, feel free to contact us. Self-defense with a walking-stick. [...]

Snippets of defense Pt.III

This article is part of a series of posts about small and easy to understand code fragments you can use on your site for protection against certain kinds of attacks. Also this series is targeted to help you understand better what tricks are used by attackers to break into your site and how to avert them. If you have a Snippet of defense yourself and you want to share it, feel free to contact us. Self-defense with a Walking-stick. [...]

Snippets of defense Pt.II

This article is part of a series of posts about small and easy to understand code fragments you can use on your site for protection against certain kinds of attacks. Also this series is targeted to help you understand better what tricks are used by attackers to break into your site and how to avert them. If you have a Snippet of defense yourself and you want to share it, feel free to contact us. [...]

Snippets of defense Pt.I

This article is the start of a series of posts about small and easy to understand code fragments you can use on your site for protection against certain kinds of attacks. Also this series is targeted to help you understand better what tricks are used by attackers to break your site and how to avert this. If you have a Snippet of defense yourself and want to share it, feel free to contact us. [...]

Constructive Chaos

Recently several interesting tools were released to cover one special aspect of fuzz testing in web application security – JavaScript fuzzing. Mozilla has released their fuzzer called JSFunFuzz and Gareth Heyes has released a tool called JavaScript Fuzzer 2.1. Both of them have a more or less similar purpose, although they use different methods for reaching their targets.

Chaotic fuzzing

The Mozilla fuzzer or JSFunFuzz has been around for some time now. [...]

U R Insecure – how URI exploits are changing the webappsec landscape

This article is about the recent activities and research that have been undertaken around the area of URI handler implementations in modern browsers. It is also about the tremendous security problems that were discovered as a result of that. And it is also about the ways application developers can protect their users from the rising threat.

Once upon a time…

Browsers have URI handling features for quite some time now. [...]

Interview with XS-Snipers

Q: How did you discover the potential of URI handler research?

Billy was eating a peanut butter and jelly sandwich and a big glob of peanut butter fell on the keyboard and typed res:// and pushed enter into his IE window. No, seriously, Rios discovered some interesting stuff with the res:// URI, shortly thereafter I discovered some articles around the ms-its:// URI and figured this may be an avenue of attack. [...]
