Web App Security Mailing List

Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.

List Archives

Jan–MarApr–JunJul–SepOct–Dec
2014215
20131916357
201238282341
201152624628
201053485163
200988825237
200888687245
200782674184
2006431451317127
2005518290622519
2004355486635509
2003332277308201
2002304

Latest Posts

OWASP ZAP 2.3.0 psiinon (Apr 10)
Hi folks,

OWASP ZAP 2.3.0 is now available:
http://code.google.com/p/zaproxy/wiki/Downloads?tm=2

Quick summary of the main changes:

* A ZAP 'lite' version in addition to the existing 'full' version
* View, intercept, manipulate, resend and fuzz client-side (browser) events
* Enhanced authentication support
* Support for non-standard apps
* Input Vector scripts
* Scan policy - fine grained control
* Advanced Scan dialog
*...

Re: Web Application Vulnerability Categorization m () d m0nk (Apr 03)
Thank you guys - got the idea.

Re: Web Application Vulnerability Categorization Dave Ferguson (Apr 03)
In terms of OWASP Top Ten, yes - I would categorize it under Broken
Auth & Session Management.

Also, check out the OWASP cheat sheet on this topic for helpful
remediation advice.
https://www.owasp.org/index.php/Forgot_Password_Cheat_Sheet

Dave

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!...

Re: Web Application Vulnerability Categorization Seth Art (Apr 02)
m0nk,

This CWE fits pretty closely: CWE-640: Weak Password Recovery
Mechanism for Forgotten Password -
http://cwe.mitre.org/data/definitions/640.html

-Seth

Web Application Vulnerability Categorization m () d m0nk (Apr 01)
Hello Team,

Greetings!

I have a web app with a password recovery option. There is a secret
question and if the user enters the correct answer to the secret
question, the username and password are provided to the user.

If the password recovery page / module allows multiple tries
(brute-force and no CAPTCHA or similar mechanism), can we categorize
this vulnerability under "Broken Authentication and Session
Management" or does this...

Administrivia: Excessive CC's Andrew van der Stock (Mar 15)
Hi there,

There's a really useful question that I've rejected (along with a
great answer) as the question has about one bazillion security lists
in the To list.

I'd love to publish more discussions here and revitalise the list, but
not by accepting a massive DDoS mail loop in the making, or
requiring all the other list admins to agree with my moderation
policy.

So if you want to publish a question here, please go ahead, but...

Hacking in Schools Pete Herzog (Feb 25)
How to teach hacking in school and open up education:

https://opensource.com/education/14/2/teach-hacking-schools-open-education

Sincerely,
-pete.

Google XXE Vulnerability Mark Litchfield (Feb 22)
Hi All,

There was an XML external entity vulnerability within Google's Public
data explorer. This was submitted to Google as part of their Bug Bounty
Program.

For the full write up with screen shots -
http://www.securatary.com/vulnerabilities

44CON 2014 September 11th - 12th CFP Open Steve (Feb 21)
44CON is the UK's largest combined annual Security Conference and
Training event. Taking place on the 11th and 12th of September at the
ILEC Conference Centre near Earls Court, London, we will have a fully
dedicated conference facility, including catering, private bar and daily
Gin O’Clock break.
[44CON ASCII-art banner: 44CON Goes Fourth | 11th - 12th September 2014 | ILEC Conference Centre, London]

...

PHP wrapper question Mark Litchfield (Feb 19)
Reaching out for some help / ideas.

I have an XXE that works, but when processing large files it fails.

For example, the below attack will work sending to my instance of Netcat
the base64 encoded string of win.ini. A nice POC, but not exactly what
I am looking for. (We are using base64 to ensure any line feeds are removed
or other data that would cause XML processing errors.)

<!ENTITY % payload SYSTEM...

Shopify (Bug Bounty) - XML External Entity Vulnerability Mark Litchfield (Feb 17)
Shopify suffered from an XXE attack within their online stores domain -
*.myshopify.com

They were extremely quick in confirming and fixing the issue (even
though it was a Sunday).

Full details with the usual screen shots can be found at
http://www.securatary.com

OWASP Xenotix XSS Exploit Framework V5 Released Ajin Abraham (Feb 13)
Hello,
Happy Valentine's Day wishes. I am glad to inform you that OWASP
Xenotix XSS Exploit Framework V5 is released.

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site
Scripting (XSS) vulnerability detection and exploitation framework. It
provides Zero False Positive scan results with its unique Triple
Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is
claimed to have the world's 2nd largest XSS Payloads of...

Ebay, Inc Bug Bounty - GoStoreGo Administrative Authentication Bypass to all online stores Mark Litchfield (Feb 12)
This attack allowed for a cross store (so essentially unauthenticated,
as we have not authenticated to our target store) privilege escalation
attack creating an administrative user on any *.gostorego.com store.

As indicated by their own website, there are over 200,000 active
stores. This attack allows access to 200,000 x Customers x data = Y. Due
to the nature of the attack, it would be trivial to automate an attack that
would give us an...

International Journal of Distributed Sensor Networks (IF 0.727): Special Issue on Research Advances in Security and Privacy for Smart Cities Georgios Kambourakis (Feb 10)
[My apologies if you receive multiple copies of this message.]

Call for articles for International Journal of Distributed Sensor
Networks (IF 0.727)

Special Issue on
Research Advances in Security and Privacy for Smart Cities

http://www.hindawi.com/journals/ijdsn/si/239803/cfp/

Security for smart cities is considered to embrace both urban security
subsystems and infrastructure security ones. So, while urban security
and privacy are mostly...

Damn Vulnerable IOS App v1.0 launched Prateek Gianchandani (Feb 05)
Hi All,

It gives me great pleasure to announce v1.0 of Damn Vulnerable iOS
Application http://damnvulnerableiosapp.com

Damn Vulnerable iOS App (DVIA) is an iOS application that is damn
vulnerable. Its main goal is to provide a platform to mobile security
enthusiasts/professionals or students to test their iOS penetration
testing skills in a legal environment. This application covers all the
common vulnerabilities found in iOS...

More Lists

Dozens of other network security lists are archived at SecLists.Org.
