Google Chromercise
Even though we’ve published some exploits and other unexpected features in Googles services – you have to love them. Anyway, Happy Aprils fools day! Cheers!
More+- By Fredrik Nordberg Almroth
- |
- |
- Documentation, Google, Web Security
Author Archive
Google Dorks 2.0
Google and all of it’s services must be the most advanced and handy SaaS-solution(s) ever created. Google is also known to be the “hackers best friend”. …so why bother to run automated “Google-Dork Scanners” manually, when Google just as well could do the job for you?
More+Google AdWords XSS’es
I don’t normally disclose vulnerabilities for web applications – but it’s Google. I’ve been mailing them – and they told me I didn’t find anything of relevance. So they decided not to patch the vulnerabilities. …and if there isn’t any vulnerabilites, I must be able to write about them right?
More+ColdFusion & MySQL XSS’es
Sometimes XSS vulnerabilities can be handier than SQL-injections. Sometimes you’re able to cause XSS’es through SQL-injections. See the connection? There was an exploit released in 2006 (that’s old) which discussed the topic of executing XSS’es through error pages in Adobe’s ColdFusion version 6.1, 7.01, and 7.02.
More+PHP Float DoS <= 5.3.X
I’m not sure if you’ve heard it or not, it’s actually “rather old” news now, but PHP 5.3.X suffers from a floating-point denial of service. If the PHP interpreter tries to parses a specific number, the fork/thread (?) simply hangs and starts consuming CPU resources…
More+