Security

Let’s take a break from Wii U hacking to take a quick look at Mega’s security.

In case you’ve been living under a rock the past few days, Kim Dotcom (of Megaupload infamy) has launched his new cloud storage site, Mega. Mega has an impressive sales pitch, promising secure cloud storage where only the user has the key to decrypt his or her files, and the encryption and decryption happen securely in the browser. Today we aren’t going to take a look at their encryption or their key generation, which have already been the subject of several articles. Instead, we’re going to look at the security of the Mega website itself. As Mega themselves admit, if you use their web interface (and not a third-party client), the security of the entire ordeal depends on whether you trust them. The standard solution to this problem is to use a strong form of SSL. There’s nothing inherently wrong with this idea.

(Indentation corrected for sanity) Hash value: alert("Megafail! ") Kim Dotcom pulled a Nintendo Wii.

Brainfuck beware: JavaScript is after you!

Tl;dr I just made a tool to transform any javascript code into an equivalent sequence of ()[]{}!+ characters. You can try it here, or grab it from github or npm. Keep on reading if you want to know how it works.

Non alphanumeric JavaScript

What do you know about non-alphanumeric XSS? The other day one of my friends asked me that question on IRC, pointing me to some articles on sla.ckers.org where they tried to create some scripts like alert(1) with non-alphanumeric characters.

As a security researcher and a penetration tester, he insisted that extending that concept to any javascript source would be really useful for bypassing IDSs, IPSs and WAFs.

Alphabet

Many alphabets could do the job, but just for fun, I tried to keep it as small as possible, using only the following characters:

[ and ] to access array elements, object properties, get numbers and cast elements to strings.
( and ) to call functions and avoid parsing errors.
+ to append strings, sum and cast elements to numbers.
!

Numbers.

HTExploit - Bypassing htaccess Restrictions

Content

1 - HTExploit
1.1 - Features
1.2 - Requirements
2 - Supported operating systems
2.1 - Windows 7 / Vista / XP
2.2 - BackTrack 5
3 - Usage
4 - Licensing
5 - Change log
6 - Interesting links

HTExploit (HiperText access Exploit)

HTExploit (HiperText access Exploit) is an open-source tool written in Python that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process. By using this tool anyone would be able to list the contents of a directory protected this way, bypassing the authentication process. The tool is modular, allowing the tester to run a full analysis of the protected website for the following attacks: SQL Injection, Local File Inclusion, Remote File Inclusion and others.

Features

Requirements

x Python

Supported operating systems

HTExploit is written in Python and should run on many different operating systems.

Windows 7 / Vista / XP

x Download Python
x Unzip the tar.gz
x Run HTExploit:

Usage.