Hack

SQL Injection Attacks by Example. A customer asked that we check out his intranet site, which was used by the company's employees and customers.

SQL Injection Attacks by Example

This was part of a larger security review, and though we'd not actually used SQL injection to penetrate a network before, we were pretty familiar with the general concepts. We were completely successful in this engagement, and wanted to recount the steps taken as an illustration. "SQL Injection" is a subset of the unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it's straightforward to create some real surprises.

We'll note that this was a somewhat winding road with more than one wrong turn, and others with more experience will certainly have different -- and better -- approaches. We speculate that the underlying SQL code looks something like this: A standalone query of.

A 4.5 billion dollar toywar » Article » OWNI, Digital Journalism. An army of toysoldiers brought to its knees a children's toy supermarket that had seized the domain name of Swiss-German artists.

A 4.5 billion dollar toywar » Article » OWNI, Digital Journalism

A form of playful hacktivism. Artistic performance, networked video game, online demonstration: the “toywar” was probably the most expensive work of art in human history (estimated at 4.5 billion dollars). But no one in France had really told its story. A look back at the “TOYWAR” (“guerre du jouet” in French), which was far smarter (and funnier) than the DDoS attacks launched by “Anonymous” in support of WikiLeaks. The “TOY.army”? 300 press articles around the world, including in the “major” mainstream media (New York Times, Washington Post, CNN, Le Monde, etc.). Their mission? Two conceptions are opposed: on one side, a virtual shopping mall of very real objects. In 1999, the internet bubble had not yet burst.

Tarpit & iptables: the lethal anti-DDoS weapons! The problem is, well, fairly simple: in computer security, we nowadays know how to fend off the great majority of threats.

Tarpit & iptables: the lethal anti-DDoS weapons!

If we focus on the server side and on Linux: Grsec/PaX, a round of hardening, a static and optimized kernel, some chroot, and we are already in pretty good shape… Daemons such as Apache and MySQL, as well as interpreters such as PHP or Perl, are protected against their intimate enemies: overflows. With separated privileges, protected directory trees and filtered connections, what more can be done?

For example, move the back office to a separate vhost so that it can be protected with an htaccess, and audit the site for the classic vulnerabilities: XSS, SQL injection, etc… Well… What is left? One or two mechanisms to protect, but… DDoS is fatal. DDoS (Distributed Denial of Service) is the great fear of any e-merchant, of any site making money online and, above all, of your managed-hosting provider… No.

Another Hacker’s Laptop, Cellphones Searched at Border.

A well-known and respected computer-security researcher was detained for several hours Wednesday night by border agents who searched his laptop and cellphones before returning them to him.

Another Hacker’s Laptop, Cellphones Searched at Border

The researcher, who goes by the hacker handle Moxie Marlinspike, was met by two U.S. Customs and Border Protection agents at the door of his plane when he arrived at JFK airport on a Jet Blue flight from the Dominican Republic. The agents escorted him to a detention room where they held him for 4 1/2 hours, he says. During that time, a forensic investigator arrived and seized Marlinspike’s laptop and two cellphones, and asked for his passwords to access his devices. Marlinspike refused, and the devices were later returned to him. “I can’t trust any of these devices now,” says Marlinspike, who prefers not to divulge his legal name. Three months later, PayPal froze his account with $500 in it because the company objected to the use of its logo on his website, where visitors could download the free tools.