The script finds the line number and position of each @ symbol in pos.txt.
# cat pos.txt
00000000000000000000000@00000000000000000000000000
0000000000000000@000000000000000000000000000000000
00000000000000000000000000000000000000000@0@000000
000000000000000000000@0000000000000000000000000000
00000000000000000000000000@000@0000000000000000000
# ./sposition.pl
1-23, 2-16, 3-41, 3-43, 4-21, 5-26, 5-30,
Here is the code
Continue reading "sposition.pl - String Positioning"
Advisory: Nagios Plugin 'check_ups' Local Buffer Overflow
Advisory ID: SSCHADV2011-040
Author: Stefan Schurtz
Affected Software: Successfully tested on nagios-plugins-1.4.15
Vendor URL:
Vendor Status: informed
EDB-ID: 18278
==========================
Vulnerability Description:
==========================
The Nagios plugin 'check_ups' is prone to a Buffer Overflow
Continue reading "SSCHADV2011-040 - Nagios Plugin 'check_ups' Local Buffer Overflow"
Here is a little tool written in Perl that XORs a string against a key and outputs the result Base64-encoded, and vice versa.
Encrypt
./xor-base64.pl -e foobar -k deadbeef
[+] Cleartext: foobar
[+] Key: deadbeef
[+] Hex: 020a0e060317
[+] Ciphertext: AgoOBgMX
Decrypt
./xor-base64.pl -d AgoOBgMX -k deadbeef
[+] Ciphertext: AgoOBgMX
[+] Hex: 020a0e060317
[+] Key: deadbeef
[+] Cleartext: foobar
And here is the code
Continue reading "xor-base64.pl - encrypt/decrypt a string with XOR and base64"
Advisory: Tiki Wiki CMS Groupware Stored Cross-Site-Scripting
Advisory ID: INFOSERVE-ADV2011-07
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on Tiki 8.1 & 6.4 LTS (affects all current releases)
Vendor URL:
Vendor Status: fixed
CVE-ID: CVE-2011-4551
======================
Vulnerability Description
======================
All current releases of Tiki Wiki are prone to a stored XSS vulnerability
Continue reading "INFOSERVE-ADV2011-07 - Tiki Wiki CMS Groupware stored Cross-Site-Scripting"
During my quick search for a fast and small HTTP proxy that runs under OpenBSD, I found the caching web proxy Polipo, which looks really good. Hence, here is a short howto about the installation & configuration (which is really, really fast & easy to do) of Polipo under OpenBSD.
Download
# cd /tmp/
# ftp http://freehaven.net/~chrisd/polipo/polipo-1.0.4.tar.gz
# tar xvfz polipo-1.0.4.tar.gz
Installation
# cd polipo-1.0.4
# make all
# make install
Continue reading "[Howto] - Polipo 1.0.4 under OpenBSD"
Advisory: Seotoaster SQL-Injection Admin Login Bypass
Advisory ID: INFOSERVE-ADV2011-06
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on Seotoaster v.1.9
Vendor URL:
Vendor Status: fixed
======================
Vulnerability Description
======================
Seotoaster v.1.9 is prone to an SQL injection which bypasses the admin login
Continue reading "INFOSERVE-ADV2011-06 - Seotoaster SQL-Injection Admin Login Bypass"