background preloader - Computer Security Division - Computer Security Resource Center - Computer Security Division - Computer Security Resource Center

CSIRT, Computer Security Incident Response Team The SQL Injection Knowledge Base Default Databases Testing Injection False means the query is invalid (MySQL errors/missing content on website) True means the query is valid (content is displayed as usual) Given the query SELECT * FROM Table WHERE id = '1'; Examples: SELECT * FROM Articles WHERE id = '1'''; SELECT 1 FROM dual WHERE 1 = '1'''''''''''''UNION SELECT '2'; Notes: You can use as many apostrophes and quotations as you want as long as they pair up. Given the query SELECT * FROM Table WHERE id = 1; Example: SELECT * FROM Users WHERE id = 3-2; true is equal to 1. Given the query SELECT * FROM Table WHERE username = ''; Example: SELECT * FROM Users WHERE username = 'Mike' AND password = '' OR '' = ''; The following can be used to comment out the rest of the query after your injection: Examples: SELECT * FROM Users WHERE username = '' OR 1=1 -- -' AND password = ''; SELECT * FROM Users WHERE id = '' UNION SELECT 1, 2, 3`'; Note: The backtick can only be used to end a query when used as an alias. Testing Version /*!

National Vulnerability Database Home | grep understanding National Vulnerability Database CVSS Scoring This page shows the components of the CVSS score for example and allows you to refine the CVSS base score. Please read the CVSS standards guide to fully understand how to score CVSS vulnerabilities and to interpret CVSS scores. The scores are computed in sequence such that the Base Score is used to calculate the Temporal Score and the Temporal Score is used to calculate the Environmental Score. Alert: Environmental Modified Impact CVSS Base Score Undefined Impact Subscore Exploitability Subscore CVSS Temporal Score Not Defined CVSS Environmental Score Modified Impact Subscore Overall CVSS Score CVSS v2 Vector Not Defined Base Score Metrics The base metric group captures the characteristics of a vulnerability that are constant with time and across user environments. Exploitability Metrics Access Vector (AV) This metric reflects how the vulnerability is exploited. Local (AV:L) Adjacent Network (AV:A) Network (AV:N) Access Complexity (AC) High (AC:H) Specialized access conditions exist. Medium (AC:M) Low (AC:L) HowTo: Find switchport of a MAC Address on Cisco Catalyst Switch | If you have a big network with multiple Access Switches connecting to the core switches or routers then tracing a device like a PC or a laptop for troubleshooting or security purposes is one of those tasks that you often end up doing. This is not a difficult task but can certainly be time consuming. Lets start with an IP address on hand. Core1# sh ip arp Protocol Address Age (min) Hardware Addr Type Interface Internet 22 0000.1111.1111 ARPA Vlan1 From the above you know the MAC Address of for the device: IP Address : MAC Address : 0000.1111.1111 Now, do a show mac-address command on the core switch or router. Core1# sh mac-address-table address 0000.1111.1111 Legend: * – primary entry age – seconds since last seen n/a – not available vlan mac address type learn age ports ——+—————-+——–+—–+———-+————————– Supervisor: * 1 0000.1111.1111 dynamic Yes 10 Te1/1 Sometimes, the output might show as follows [note the Po1] Core1# sh cdp neighbors Darknet - The Darkside | Ethical Hacking, Penetration Testing & Computer Security Remote Exploit Internet Crime Schemes Auction Fraud Auction fraud involves fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site. Consumers are strongly cautioned against entering into Internet transactions with subjects exhibiting the following behavior: The seller posts the auction as if he resides in the United States, then responds to victims with a congratulatory email stating he is outside the United States for business reasons, family emergency, etc. Similarly, beware of sellers who post the auction under one name, and ask for the funds to be transferred to another individual. If you believe you may have fallen victim to this type of scam and wish to report it, please file a complaint with us. In addition, visit eBay and PayPal for additional security alerts and fraud prevention tips. Auction Fraud — Romania Auction fraud is the most prevalent of Internet crimes associated with Romania. Spam 31.12.2012, godz. 11:00 Firma Imperva przeprowadziła badanie, w którym przetestowała skuteczność ponad 40 różnych rozwiązań antywirusowych, zarówno płatnych jak i bezpłatnych, pod kątem wykrywalności nowo utworzonych wirusów. Z raportu, który powstał po badaniu wynika, że jedynie niecałe 5% rozwiązań antywirusowych jest w stanie wykryć od razu wcześniej nieskatalogowane wirusy, a wielu antywirusom zaktualizowanie bazy sygnatur zajęło nawet miesiąc lub więcej. 8 703 31.12.2012, godz. 08:46 Coraz więcej firm korzysta z dużych zbiorów danych, rzadko myśląc o ich bezpieczeństwie. Problemem jest nie tyle kradzież całych zasobów, ile pozyskanie istotnych porcji informacji. 8 438 13.11.2012 Platforma Google Android znajduje się pod ostrzałem twórców złośliwego oprogramowania. 13.11.2012 Aplikacja współpracująca z systemem ERP powinna być połączona z firmową siecią. 06.11.2012 W wielu przypadkach ryzyko ataków na urządzenia mobilne można łatwo zminimalizować.

CC Blog: Recommendations to vendors for communicating product security information Hi, this is Chad Dougherty of the Vulnerability Analysis team. One of the important roles that our team plays is coordinating vulnerability information among a broad range of vendors. Over the years, we have gained a considerable amount of experience communicating with vendors of all shapes and sizes. Based on this experience, we can offer some guidance to vendors about communicating product security issues. Just to be clear, we're talking about product security as opposed to security products. Product security involves vulnerabilities caused by programming or design defects, insecure default or recommended deployment configurations, and other similar issues. First, let's address the topic of receiving information about product security. Provide an easily identifiable role email address specifically for product security issues In our experience, it's extremely beneficial for the vendor to provide a role email address (e.g., a shared mailbox or an alias) for receiving information.