#Super simple (common) php hax for dummies.
The introduction
What follows is a repost of my first article on nulldigital.net, from the 10th of May 2006. A long time ago, when I was all innocent! Good times. The original article has been modified slightly as I sounded like such a git back then. I know it's slightly simple for this site but since nulldigital.net is closing I want to repost the articles from there to neverfear.org. So let's get started.
The article
A friend of mine, jodi (http://devstuff.eu/), wrote a simple gallery a while ago and pasted a link to a site he had made for it. All it does is list images in a database. You can upload them and resize them, and the scripts will make the thumbnails, display them, etcetera. A very common application, and a very simple one to write.
However, being the curious fellow I am, I decided to poke about. I found a major vulnerability for command and code injection within 3 minutes. The hole was in the upload script. A very well documented hole - failure to check the file type of an accepted upload, such that it's trivial to upload your own code/programs and run them via the web server. So I did this, and within 5 minutes of being linked to his site, I ran phpinfo() as proof. I later uploaded a simple php shell (since he didn't seem to listen when I mentioned the hole; always good to scare them a little more).
#Regex tutorial for people who should know Regex, but do not.. Part 1
Part 1 | Part 2
Click here for a better formatted version, without the missing backslashes!
Regular expressions are very useful. If you have to deal with text at all, you will find them indispensable. In programming, they can be used to verify user input (e.g. check an email is valid), sanitize input (make sure the user only used allowed characters), remove sections of the string (remove all non-alphanumeric characters) and . And not just for programming! You can use regular expressions in many text editors to edit the current file. You can use them in the grep command to find very specific lines, or in the sed "stream editor" to edit out bits of a file.
As you can tell from the previous paragraph, they are very versatile. Most implementations are more or less compatible with the Perl regex syntax, so this is what the guide is about (Perl Compatible Regex).
...
#Global scientology protests begin
There is a lot of news around about Anonymous lately. I can't say I've ever paid them much attention. I thought what they were doing was mildly amusing. I never expected it would actually have a real world impact.
I fear I underestimated them. Today, a Scientology protest, organised by and credited to Anonymous, has made the front page news of NEWS.com.au with this story titled "Scientology protests start across Australia", which documents protests in Perth, Melbourne, Sydney and Adelaide.
Protesters were urged to keep their message clear, coherent and to not use geek speak. They were also advised to wear masks to keep their identity Anonymous
#How to easily stream ascii videos
This article is a brief tutorial on how to make your own ascii internet TV station. I say brief, it's pretty simple - that's why it's brief.
The inspiration for such an article comes from having a telnet link posted in a channel to a server which was showing a World Cup game live via ascii and sockets. I pasted this around to a couple other people and some folk didn't understand how it worked, so I wanted to share some knowledge.
In case some of you aren't following me, the link I was shown was:
14:05 <+JonathanD> telnet ascii-wm.net 2006
14:05 <+JonathanD> watch teh world cup, in ascii
14:05 <+JonathanD> someone topic that
14:09 <+linkd> thats pretty leet
...
#Using ICMP tunneling to steal Internet
Introduction
The scenario is you are without Internet connectivity anywhere. You have found either an open wireless access point or perhaps you're staying in a hotel which permits rented Internet via services like Spectrum Interactive [1] (previously known as UKExplorer). You make the connection, whether it's physically connecting the Ethernet cables, or instructing your wireless adapter to lock onto the radio signal. You are prompted with some sort of authorization page when you open a browser. You don't have access to it, so what do you do?
...