Friday, November 12, 2010

Codebits IV

Froggy frog is being froggy...

Saturday, September 4, 2010

Play! Framework <= Directory Transversal Vulnerability

Play! Framework is really great! Since I saw the video intro on their site I decided to bring that technology into my company. I strongly recommend checking it out.
That being said, I was thinking: "Well it's a new technology, let me give it a quick spin, security wise..."
Blam! It suffered from a vulnerability that allowed for anyone to read any file the owner of the java process (play! is java) could read.
So I contacted the author and gave him the details. Let me tell you, he was a very cool guy, and one hour later a fix was released.
Yes, you read it right, one hour later... kudos play!, kudos...
I later published it to the Exploit Database for the curious ones.

Saturday, July 31, 2010

libpng <= 1.4.2 DoS

CVE-2010-1205 came out and I decided to play around with it for a bit, since the potential surface attack was huge. Although I couldn't manage to dedicate much time, I eventually published a PoC for it, for those who might wonder you can get it from the excellent Exploit Database.
Fell free to dig into the code, if you manage to get a full working exploit I would love to hear from you.