ethicalhack3r

DevBug – PHP Static Code Analysis

ethicalhack3r — Sun, 20 May 2012 12:13:14 +0000

My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accesible to the developer, without them having to install and use additional specialist Static Code Analysis software. Due to my familiarity with [...]

Old School hacking

ethicalhack3r — Wed, 09 May 2012 19:20:00 +0000

Back in the late nineties, around 1999, my mother bought me my first computer. Around this time The Matrix movie was released which as a young boy with a new computer had me Yahoo’ing (Google was largely unknown) for the term ‘hacking’. Back then Yahoo! Chat was still around and had a chat room called [...]

X-Frame-Options

ethicalhack3r — Sat, 07 Apr 2012 13:36:03 +0000

A colleague tweeted a link to a blog post by WhiteHat Security about the X-Frame-Options HTTP header. I had heard of X-Frame-Options before and knew what it did but didn’t really know how it was used so I decided to investigate further. X-Frame-Options is a HTTP response header that tells the browser what pages are [...]

Wireless Man In The Middle (MITM)

ethicalhack3r — Mon, 13 Feb 2012 18:41:47 +0000

This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Main In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they’re the ones who call me an ‘expert’, personally, [...]

Prevention of unwanted telemarketing calls

ethicalhack3r — Fri, 20 Jan 2012 14:54:12 +0000

I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free. I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations [...]

WordPress 3.3 Cross-Site Scripting (XSS)

ethicalhack3r — Tue, 03 Jan 2012 18:56:14 +0000

Yesterday two Indian security researchers, Aditya Modha & Samir Shah, released an advisory outlining a Cross-Site Scripting (XSS) vulnerability within the latest version (at the time of writing) of WordPress 3.3. Many people started re-tweeting the news (including myself) and blogging about it. The problem came when I tried to reproduce the vulnerability, I couldn’t. [...]

WordPress Plugin Disqus Comment System XSS

ethicalhack3r — Sun, 11 Dec 2011 16:15:17 +0000

# Exploit Title: WordPress Plugin Disqus Comment System < = 2.68 Reflected Cross-Site Scripting (XSS) # Google Dork: inurl:/wp-content/plugins/disqus-comment-system/ # Date: 11.12.11 # Author: Ryan Dewhurst (@ethicalhack3r) # Software Link: http://downloads.wordpress.org/plugin/disqus-comment-system.2.68.zip # Version: 2.68 # Tested on: Cross-Platform ** Vulnerability Description ** The WordPress Disqus Commment System version 2.68 was found to be effected by [...]

EC-Council – CEH – Unethical Behavior

ethicalhack3r — Sun, 27 Nov 2011 17:42:58 +0000

The EC-Council or ‘The International Council of E-Commerce Consultants’ as they like to call themselves offer a range of different services, mostly in the field of Information Security training and certifications. One of their certifications, the Certified Ethical Hacker (CEH) claims to aspire to training ‘ethical’ hackers. “CEHv7 provides a comprehensive ethical hacking and network [...]

WPScan 1.1 released

ethicalhack3r — Fri, 25 Nov 2011 12:32:09 +0000

I am pleased to announce, after 5 months of work, that WPScan version 1.1 has been released! With 780 more lines of code the most notable changes are: Detection for 750 more plugins. Detection for 107 new plugin vulnerabilities. Detection for 447 possible timthumb file locations. Advanced version fingerprinting implemented. Full Path Disclosure (FPD) checks. [...]

WordPress ‘In the Wild’ and WPScan Update

ethicalhack3r — Wed, 23 Nov 2011 00:36:47 +0000

As part of my on-going interest in WordPress security I wanted to find out for myself what the state of security was like on installations in the wild. A list of servers running WordPress was acquired from Shodan by searching for a particular HTTP response header and its value. The list contained 10,000 entries, I [...]