I woke up today to realize that GNUCITIZEN’s web server is bombarded with requests. Good that we are running from a scalable infrastructure. The reason for the storm was a recent disclosure of an apparently new Gmail bug similar to the one which I partially and then fully disclosed here, of course after working with the vendor to resolve the problem, which is always the right thing to do.
ReadWriteWeb has a timeline on the history of this attack here. Very nice summary I must say. [...]
Frame injection vulnerabilities, although some people might consider them the same as HTML injection/XSS or a subset of it, are really not the same.
Here is why:
There is no need to inject special control characters such as angle brackets (unlike HTMLi/XSS)
HTMLi/XSS filtering routines will not protect against frame injection, since the attacker only needs to insert a URL in the non-sanitized parameter
The best way to explain what I mean is to show an example. [...]
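The following is an added illustration of the two points above, not code from the GNUCITIZEN post: a page that drops a request parameter into a frame `src` after running it through a typical angle-bracket-stripping XSS filter, shown beside a hardened version that parses the value as a URL and checks its origin against an allowlist. The parameter name, the `example.com` allowlist and the default URL are assumptions made for the example.

```javascript
// Added example (not from the original post): an HTMLi/XSS filter does not
// stop frame injection, because the attacker needs no angle brackets at all.
// Page shape, parameter, allowlist and default URL are assumed for illustration.

// A typical XSS "filter": strip the characters that could break out of the
// surrounding HTML. It is satisfied by any plain URL.
function xssFilter(value) {
  return String(value).replace(/[<>"']/g, "");
}

// Vulnerable page builder: the filtered parameter lands directly in a frame
// src, so the attacker still chooses which origin the frame loads (e.g. a
// look-alike login page inside the trusted site's chrome).
function buildPageVulnerable(contentUrl) {
  return `<iframe src="${xssFilter(contentUrl)}"></iframe>`;
}

// Hardened version: validate the value as a URL, require https, and accept
// only allowlisted origins; anything else falls back to a fixed default.
const ALLOWED_ORIGINS = new Set(["https://example.com"]); // assumed allowlist
const DEFAULT_URL = "https://example.com/default";        // assumed fallback

function safeFrameUrl(contentUrl) {
  let parsed;
  try {
    // Resolve relative paths against our own origin; protocol-relative
    // values such as "//attacker.example/x" resolve to a foreign origin and
    // are rejected by the origin check below.
    parsed = new URL(String(contentUrl), "https://example.com");
  } catch (e) {
    return DEFAULT_URL;
  }
  if (parsed.protocol !== "https:" || !ALLOWED_ORIGINS.has(parsed.origin)) {
    return DEFAULT_URL;
  }
  return parsed.href;
}

// Attribute-encode what we put into the markup, even after validation.
function escapeAttr(s) {
  return s.replace(/&/g, "&amp;").replace(/"/g, "&quot;");
}

function buildPageHardened(contentUrl) {
  return `<iframe src="${escapeAttr(safeFrameUrl(contentUrl))}"></iframe>`;
}
```

The point the check makes: `xssFilter` passes `http://attacker.example/login` through untouched, so the vulnerable page frames the attacker's site, while the hardened builder only ever emits an allowlisted https URL. Validating the destination as a URL (scheme and origin) is the fix; escaping alone is not enough for this class of bug.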
The things I am about to discuss are not a big deal, but we should keep them in mind.
If you haven’t noticed yet, Google Chrome supports a bunch of command line options. You can get a listing of all command line options from chrome_switches.cc. Obviously, some of them look quite powerful. Is that a concern? Well, IMHO, I think so but there is no reason to panic just yet.
Why is this a concern? I will put it this way. [...]
Google Chrome is a fact. It is a nice and slick looking browser. It is open source and it has some nice security features. However, these security features strive to protect the user from attacks which try to take over your browser and operating system. As I explained here, because nowadays most of the data is located on the Web, it makes sense to have built-in security features to prevent the various forms of information leaks, XSS, CSRF, etc. attacks as well. [...]
It is true what many of you have heard. Google is releasing their own browser. Google Chrome, as they call it, is based on the WebKit rendering engine and introduces some novel approaches to interacting with web technologies. I must say, it is very exciting to see all of this happening.
What makes Google Chrome different is its architecture. The browser is no longer a single-threaded process. Each tab is actually a separate process with its own memory space. [...]
The fun with hacking UPnP enabled devices has just begun. We’ve started our exploration in the fields of UPnP earlier this year with some smoking posts which covered some basic attacks and the advanced Flash attacks. Today I stumbled across Google Media Server, a desktop gadget which allows you to share all your laptop/desktop media content with all other devices you may have locally such as your phone, Xbox, TV, and I suspect, your fridge. And all that via UPnP. That, I like very much. [...]
Ok, ignore the image. This is the best I could find online. This post is about a thing I happen to notice while messing around with my own Google for Applications accounts.
Basically, Google allows you to use custom domains for your Google for Applications, Blogspot, Mashup Editor and of course App Engine accounts. I think this is an excellent feature and I use it for several of my domains. [...]
If you haven’t noticed yet, a lot of the useless sections of this site have been removed. The microblogs are also gone since they were kind of redundant. Nevertheless, I still have the urge to post random thoughts that I would like to share. So I will keep this information within the blog which is probably the best place this type of information can be listed.
So this is not a rant but an observation which made me question whether humans are capable of seeing further than their nose. [...]
I am happy to inform you that I’ve been doing some work on our Google Hacking Database Tool lately. The tool is now pretty stable and it has a better looking, and a lot more intuitive interface. You can enjoy the tool right now from here, as it is entirely web-based.
The GNUCITIZEN’s GHDB project was started back in May 2007. The initial version wasn’t that nice and it suffered from numerous bugs. [...]
I was invited to co-author Google Hacking for Penetration Testers Second Edition with some of the greatest minds in enumeration gathering attacks and Google Hacking.
…from the book excerpt: