Archive for May, 2008

Software Security: a retrospective

Today I am going to cover a topic that is the most important to me: software security. When I talk about “software security”, I refer to the process of building applications — the artifacts, components, and capital that go into making a polished product. Applications are something that development teams worldwide strive to [...]

VBAAC Security and You

My good friend Arshan Dabirsiaghi at Aspect Security released an interesting paper today on Bypassing VBAAC with HTTP Verb Tampering. For those who don’t know what VBAAC is, it stands for “Verb-Based Authentication Access Control.” Unfortunately, most vendors have screwed up the implementation by taking a default allow approach, and as a result developers are [...]

tissynbe.py — Insert Nessus results into MySQL, output as a CSV

I mentioned in previous posts that I had been working with Nessus — I used it a lot. At the end of the engagement, we had almost a gigabyte of Nessus data saved in nbe format. So to quickly go through and analyze all the results, inserting it into a database was essential. I [...]

Protecting the global Internet routing infrastructure

Arbor Networks has a blog post up today about Using RPKI to Construct Validated IRR Data. Resource PKI (RPKI) is an extension to X.509 to allow for IP address (prefix) and AS identifiers (autonomous system numbers — the organization-based assigned number used by the Border Gateway Protocol to get you or your ISP “online”).
My first [...]

Resident scripts and global cross-domain

In October of 2006, a vulnerability in IE7 known as the “mhtml:” Redirection Information Disclosure was discovered. RSnake wrote up a post about how nasty it was. The basics: it took over the entire browser experience.
Fortunately, the bug was patched quickly, it required access to the web server/application (or HTTP header injection), and it only [...]