PHP not properly checking Params

This is a summary of [Iwaniuk 2011]

Gera's Insecure Programming Format String #4

One more completed challenge is needed before we can declare format strings dead. This challenge from the format string section of Gera’s Insecure Programming is basically solvable using the same approach as challenge #3.

Cross-Origin Resource Inclusion

This article discusses a new bug class that was introduced in XMLHttpRequest Level 2, how the bug manifests and some solutions to different problems.

Gera's Insecure Programming Format String #3

This gera’s insecure programming challenge is solvable (pwnable) in a similar fashion as my previous post. The challenge’s source is posted. The challenge can be found at gera’s format string 3

Writeup: DEFCON 19 quals (Binary L33tness 100)

Here is the write-up for the DEFCON 19 quals challenge b100 run by DDTEK. This one is somewhat funny.

RELRO: RELocation Read-Only

This article describes ELF relocation sections, how to abuse them for arbitrary code execution, and how to protect them at runtime.

Gera's Insecure Programming Format String #2

Now that this semester is completed, I can continue going through gera’s execises =).

Negating an AND expression.

The basic database QUERY expression for a simple login is: [sql] SELECT * FROM users WHERE username = ‘phillip’ AND password = ‘taco’ [/sql] Which boils down to: “Login if T ∧ T” where in this case the first T is the result the database returns when username is in the database and the second is the result T is where password is in the database.