################################################
# Website: www.papajohnspizza.in
# Date: 20.03.13
# Bug: File Inclusion (Remote / Local)
###############################################
And please guys make your website a little secure, it shouldn't take 'just' 20 minutes for server pwnage (sic)... Do your homework on the login page, scripting on the client side and remove the plugins that are not necessary... More importantly allocate a budget towards securing your website, because your WWW is your brand image on the Internet.
Cheers,
Kish
Tuesday, March 19, 2013
Tuesday, January 17, 2012
Happy NY2012 - Directory Traversal
Shouts to all the people who tell me, directory traversal / listing is NOT important.
Additional shouts to people who tell me, how their website "security" budget is cramped, but they can do endless scans of their intranet, internal network and desktops for compliance, year on year! :)
################################################
# Website: www.mmasuperstore.com.au
# Date: 18.01.12
# Bug: Database PWNage
###############################################
If only you guys had invested a portion of the money you spent on design towards security, this day would not have arrived!
But, Enjoy while it lasts... Consider this to be more publicity :))
Directory Traversal Vuln - MMA Super Store
WP Config File - MMA Super Store
What you have to learn from this incident is to invest in security... as much as, or a portion of, your design budget. Test the website with QA & Security instead of designing eye candy and flashing banners with "affiliate" dollars in mind!
When you run an online store and sell merchandise, please provide the "level of security" promised in your privacy statement instead of keeping things ad hoc and designing a flashy website. The Internet is not a secure place, the Internet was not designed with adequate security.
Directory traversal is often overlooked and Websites don't get the attention they deserve, in 2012, that's a bad statistic !
Cheers,
Kish
Tuesday, October 18, 2011
Metallica Concert - Oct 30th, Bangalore
################################################
# Website: www.ticketgenie.in
# Date: 18.10.11
# Bug: XSS / SQLi / Multiple Vulnerabilities
###############################################
Special advisory dedicated to all metal heads and headbangers from all over the world. The concert tickets for Metallica's show at Bangalore, Palace grounds are available on the TicketGenie website... The tickets started getting sold publicly 3 days back according to a news website. So you can pay for the ticket or get it for FREE :D
How many tickets do you want? :))
Want to track other people's tickets?
BONUS: Login page is vulnerable to bruteforce attacks, since there is no account lockout mechanism
We have not included Proof-of-Concept demonstrations as with other posts, since the pages can be abused to buy free tickets :))
A website which deals with financial information should be better protected than this... I am NOT going to trust Ticket Genie with my credit card, unless they show some improvement with security.
Cheers,
Kish
Monday, July 11, 2011
New Google Dork (Thanks AXN!)
Presenting our own google dork, which stemmed from the AXN site goodies... To check whether a particular site uses jQuery extensively...
You can use this query...
intext: * jQuery 1.2.6 - New Wave Javascript * * Copyright (c)
You can check a specific website using the site operator...
Cheers,
Kish
AXN India - Exposed to the Internet
A simple google query did the trick... :D



This is not a great flaw by itself... the site's administration should not be enabled for all internet users (to play with and break the authentication)... We did not poke with the authentication scheme, hehe ;)

Update: We also found cron.php, install.php, xmlrpc.php, half a dozen email addresses, directory traversal (scripts, modules, profiles, themes, sites) and lots more...

Stopped playing for we didn't want to end up accidentally hacking the website :))
Bottom line: Functionally sound, security wise - bad idea?
Shouts to Jaymee Ong... (marry me please !) and the eBuzz Team whose programme was being featured on AXN before I found the goodies :D



Money Image - Error Based SQLi
########################################
# Website: www.moneyimg.com
# Date: 11.07.11
# Bug: SQLi (SQL Injection)
########################################
Money Image is a website similar to Image shack :)
Click here for demo
Fix your input validation fellas !
Cheers,
Kish
Matasano Chargen - Redirection
########################################
# Website: www.matasano.com
# Date: 11.07.11
# Bug: Cross Site Scripting / Redirect
########################################
When reading their blog, you surf their services page, check out their RFP page and what comes up suddenly... a redirection page, hehe :D
>> Click here for redirect demo <<
This one was totally unintended, but fun nonetheless spotting bugs in a security company's website !
Cheers,
Kish
Thursday, December 30, 2010
ISS - Internet Security Systems?
I have great respect for the guys at ISS X-Force... You guys are the best, nothing personal :)
Although, I'm certain they wouldn't approve of this screenshot here...

Vuln URL: hxxp://webapp.iss.net/Search.do
On Behalf of Crimemachine, Wish You (Our Readers) a Happy New Year Guys
We are Back ! ;)
Wednesday, July 28, 2010
Talk about facebook funnies
http://graph.facebook.com/566543089 -> now that's funny ! :D
{
"id": "566543089",
"name": "Leo Fu",
"first_name": "Leo",
"last_name": "Fu",
"link": "http://www.facebook.com/people/Leo-Fu/566543089",
"gender": "male",
"locale": "zh_HK"
}
One more just to make sure, we can still rely on facebook ;)
nyaaaa, what's that : http://graph.facebook.com/676543089
{
"id": "676543089",
"name": "Michael Seng",
"first_name": "Michael",
"last_name": "Seng",
"link": "http://www.facebook.com/people/Michael-Seng/676543089",
"gender": "male",
"locale": "en_US"
}
Since when did we need an Opera or Firefox for facebook, lol ! :D
Cheers,
Kish
Sunday, September 20, 2009
XSS in Linuxmafia website - Today's lulz
#########################
# Website: www.linuxmafia.com
# Date: 21.09.09
# Bug: Cross Site Scripting (XSS)
########################
Vuln URL: hxxp://www.linuxmafia.com/kb/
Sorry folks, I am too lazy to post a screenshot for this one... just a quickie, if you will...
Click here for the demo
Click here for another demo (this one's a bit serious)
Cheers,
Kish
Wednesday, August 26, 2009
Advisory Updates: Q2 2009, and a bit more...
Even though a spectacular hack was pulled off on Imageshack, they've not fixed their bug yet.
The lazy developers behind the Indian Premier League (oh reely??) have not fixed their XSS and SQLi bugs either... In 2009 if you want to see a demo, of a site allowing "delete method" in databases please visit them :))
ZDNet, which writes the special 0-day column apart from regular security ramblings, is "yet" to fix their bug, and Dancho Danchev, one of the authors from their team, is still replying to mail...
Adobe at least fixed their bug even though it was late, and I applaud their security team / devs for their store.
Electronic Arts and Blogarama haven't fixed their bugs just like the others, no I am not surprised
Probably, I'll write the next / final advisory update for this year in 3 to 4 months from now... Keep your eyes open !
Cheers :)
Kish
ESPN Shop - XSS
#########################
# Website: www.espnshop.com
# Real gear for Real "XSS" fans
# Date: 27.08.09
# Bug: Cross Site Scripting (XSS)
########################
Vuln URL: hxxp://www.espnshop.com

Click here for the demo
Learn input validation, and try to use it :)
Cheers,
Kish !
P.S: This was found and reported to ESPN in late 2008, but they're very active as you can see.
Thursday, June 25, 2009
Electronic Arts - XSS vulnerability
#########################
# Website: www.ea.com
# Date: 25.06.09
# Bug: XSS
########################
Vuln URL: hxxp://www.ea.com

Click here for the demo
FIFA 09 and the online game play rocks, but your website ?... not really ! pffft ...
Cheers :)
Kish
Friday, May 29, 2009
XSS in Blogarama
#########################
# Website: www.blogarama.com
# Date: 29.05.09
# Bug: XSS
########################
Vuln URL: hxxp://www.blogarama.com

Click here for the demo
Fix input validation in your website...
Cheers :)
Kish
Sunday, May 17, 2009
XSS in Adobe's Store
#############################
# Website: www.adobe.com
# Date: 17.05.09
# Bug: XSS
############################
Vuln URL: hxxps://store3.adobe.com

Click here to see the demo
Fix your input validation, and make shopping with adobe a good memory for the customer.
Cheers :)
Kish
Sunday, May 3, 2009
HTML Injection in ZDNET
############################
# Website: http://blogs.zdnet.com
# "Say hello to the experts"
# Bug: HTML Injection, XSS
# Date: 03.05.09
############################
Vuln URL: hxxp://blogs.zdnet.com

Click here to see the demo
Please advise people about web-application vulnerabilities, after you've fixed them ! *coughs*
Talking about input validation, their email form is a bad example... and can I use it to send my friend an email ? You bet... it's free email spoofing service, courtesy of ZDnet ;))
Cheers,
Kish
Saturday, April 25, 2009
XSS in Imageshack
################################
# Website: http://www.imageshack.us
# Bug: XSS
# Date: 25.04.09
##############################

Vuln URL: hxxp://www.imageshack.us
Click here for XSS demo
Fix your input validation.
Cheers,
Kish
Friday, March 27, 2009
XSS in NSA's website
################################
# Website: http://www.nsa.gov
# National "Security" Agency - oh really ?!
# Bug: XSS
# Date: 27.03.09
##############################

Vuln URL: hxxp://www.nsa.gov
Click for the XSS demo
Fix input validation in your page... Please be true to your THREE Letter acronym ;)
Cheers :)
Kish
Wednesday, March 11, 2009
Advisory updates: Q1 2009 and a few more ...
Advisory updates, First Quarter, 2009, and a few from 2008.

DMOZ search's XSS was found 2 months back... and NASA's XSS at Goddard Space Flight Center was exactly a month ago...
The other findings, from Myspace, AVG antivirus, and ESET antivirus websites, are also not fixed ... considering that these websites have a good user base, and are expected to fix quickly.
HSBC haven't fixed their bug just yet ... but it is obvious, they're a bank and they want money... not security ;)
The Indian government website, has removed the page having input sanitization problems, instead of fixing it... still not bad ... they've taken some measures to stay at bay ...
Cheers :)
Kish

Monday, March 9, 2009
XSS in AVG website
#########################################
# Website: http://www.avg.com
# Bug: XSS
# Date: 09.03.09
########################################
Vuln URL: hxxp://www.avg.com
Screenshot
Click here for the demo
The AV vendors have failed to secure their websites, and their saga of web bugs, ranging from sql injection, earlier demonstrated by Romanian hackers, to the XSS bugs we're demonstrating will continue...
Fix input validation in your pages, the page affected is their "license" page...
Cheers :)
Kish