Month: May 2015

ImPAct Interview: Rob DiNardi, L&S Machine Co.





<div>ImPAct Interview: Mary Kohler, H&H Graphics</div>

ImPAct Interview: Mary Kohler, H&H Graphics





ImPAct Interview: Matt Rachocki, Voodoo Brewery

ImPAct Interview: Matt Rachocki, Voodoo Brewery





Reviews

Programming Tools A list of reviews and comparisons between different tools which make programming easier.
Code Quality: Comparison of free Java Code Quality Tools UML: Comparison of free UML Tools IDE: Netbeans vs Eclipse: An IDE comparison Programming Books A list of reviews of books about programming and software development.
Effective Java

Programs and Code

Java Software and Code Examples Timing Class – can profile and compare Java functions Path finding using A* Heatmap – creates a heatmap (a visual representation) from a list of points LogEval – Java Server Log Analyzer and Parser Bin Packing Algorithm Java Image Manipulation Php Projects and Code Snippets Symfony2 Tutorial for Beginners WordPress Plugin: Language Tagger and Html Cleaner
DISCLAIMER: All programs are provides as-is.

Games

Icon Type/Language Name Description Post/Download Side Scroller/Java The amazing Adventures of Stickman through the Galaxy – in a Bubble! In this free side-scroller game the player jumps, rolls, swims and even flies through a lovely designed world. He must avoid falling in pits as well as being shot by canons while he tries to make it to the finish line.

Security & Vulnerabilities

Computer Security Information A list of articles about Computer Security in general and Web Security specifically.
MongoDB: NoSQL Injection & Security Bypass CSRF Protection via XSS Scripts Mass-Download WordPress plugins for source code analysis Vulnerability disclosures External More advisories that I did not write in my free time can be found at:
My advisories at packet storm My advisories at cxsecurity. PHP Software PivotX 2.

SQL Injection & Reflected XSS in Visual Form Builder 2.8.2 (WordPress Plugin)

  • Vulnerability: SQL Injection & Reflected XSS
  • Affected Software: Visual Form Builder (WordPress Plugin)
  • Affected Version: 2.8.2 (probably also prior versions)
  • Patched Version: 2.8.3
  • Risk: High
  • Vendor Contacted: 2015-05-06
  • Vendor Fix: 2015-05-09
  • Public Disclosure: 2015-05-15

The current version (v2.8.2) of the WordPress plugin Visual Form Builder is vulnerable to reflected XSS as well as SQL injection attacks.

The damage each attack on it’s own can achieve is limited. The SQL injection can lead to data leaks, and possibly priviledge escalation or code execution, but an admin login is required. And as WordPress secures it’s relevant cookies, it’s not possible to gain a login via XSS, it is only possibly to eg display the login page and hope that the admin enters their password or inject a JavaScript keylogger; both mean that an admin doesn’t just have to visit a website, but also has to additionally enter their password somewhere. With XSS, it is also possibly to bypass CSRF, so an attacker could eg change PHP scripts if DISALLOW_FILE_EDIT is false, which hopefully is not the case.

Combined, these attacks get interesting: Via XSS it is possible to let the admin execute the SQL injection, and then send the results to the attacker. The admin only has to click on a link once, and does not have to perform any further actions.

Arbitrary File Override & Reflected XSS in My Calendar 2.3.29 (WordPress Plugin)

  • Vulnerability: Arbitrary File Override & Reflected XSS
  • Affected Software: My Calendar (WordPress Plugin)
  • Affected Version: 2.3.29 (probably also prior versions)
  • Patched Version: 2.3.30
  • Risk: Medium
  • Vendor Contacted: 2015-05-10
  • Vendor Fix: 2015-05-11
  • Public Disclosure: 2015-05-15

There is an arbitrary file override vulnerability as well as a reflected XSS vulnerability in the current version (2.3.29) of the My Calendar plugin.

Multiple Reflected XSS in Anti-Malware and Brute-Force Security by ELI (WordPress Plugin)

  • Vulnerability: Reflected XSS
  • Affected Software: Anti-Malware and Brute-Force Security by ELI (WordPress Plugin)
  • Affected Version: 4.15.17 (probably also prior versions)
  • Patched Version: 4.15.20
  • Risk: Medium
  • Vendor Contacted: 2015-05-06
  • Vendor Fix: 2015-05-09
  • Public Disclosure: 2015-05-15

There are multiple reflected XSS vulnerabilities in the current version (4.15.17) of the Anti-Malware and Brute-Force Security by ELI WordPress plugin.

Reflected XSS can lead to execution of arbitrary JavaScript in the victims browser, which can lead to key logging, phishing, stealing of cookies, changing of data, and so on. The fact that these are present in an admin area does not weaken the attack, as the most interesting victim will be an admin.