I was at the CCC (28C3) congress in Berlin recently. Where the two researchers Alexander ‘alech’ Klink and Julian ‘zeri’ Wälde disclosed a DoS vulnerability affecting about all programming languages in the way they utilize hashtables. Funny thing is, most server technologies, PHP, ASP (.NET), Java variants, Pyhon (django) etc, all appear to be vulnerable to different variants of the attack. It consists of abusing the hashtable datastructure(s) in a way…
More+What have been seen, cannot be unseen.
After my release about the Tiny PHP Shell, Mr. Gareth Hayes @ The Spanner made a non-alphanumeric variant. I got inspired by his nifty script and started researching further. My main plan was to create an array of data with different values in order to have something to work with. So my first shot was this: @$_[]=@!+_; PHP will try to parse the green underscore as a constant, when the interpreter…
More+This is how you feel when you discover obvious vulnerabilities.
‘Nuff said.
Cya soon.
I shall now present a method which appear to be long forgotten.
I first stumbled upon it back in 2008 when the group VFH (Vuxna Förbannade Hackare) spread havoc upon Swedish agencies and organizations.
Trigger based backdoors in MySQL.
More+