Background: I’ve really enjoyed making this tool. It started off as a port scanner, then it evolved into a router scanner, and now I’ve decided to accept any device on a LAN. The code now works on Firefox and IE7 (which was a pain); I haven’t managed to test it on any other browser so […]
Archives for the Month of July, 2007
Javascript port scanner
Wednesday, 25 July 2007
I was pretty bored yesterday and I found my work a bit too easy, so I thought I’d have a go at something different. I decided to create a JavaScript port scanner. The scanner only works on Firefox at the moment (I may change it to work in other browsers) and has three options, option […]
Reflected SQL injection
Monday, 23 July 2007
I’ve been developing a system for a while now and it’s currently in the testing stage. I noticed that a SQL injection vulnerability had crept in. I was quite surprised because my filtering methods are generally quite good and I’ve not seen any SQL errors in the logs for quite some time. Luckily the site […]
PHP Mysql tips
Monday, 23 July 2007
Continuing from my earlier post on PHP performance, I thought I’d share a few Mysql tips that I’ve learnt over the years. Hope it helps someone and please leave a comment with your own tips or provide any corrections to the ones mentioned. Word searching 1. SELECT * FROM table WHERE MATCH (`field`) AGAINST ('Keyword') […]
Vulnerability found in security tool
Wednesday, 18 July 2007
Hehe this is quite funny, Chris Shiflett released a tool today to perform CSRF tests and I found a huge hole in it that allows javascript execution on his site. Sorry Chris 🙂 Simple Exploit
Web development trends (estimation)
Monday, 16 July 2007
I found this interesting; although obviously not 100% accurate, it gives a good indication of development trends. I’ve compared server side languages and javascript frameworks. Terms compared: jquery, scriptaculous, dojo toolkit, yui yahoo, ext js, php, asp | asp.net, ruby on rails, jsp, python.
Increasing PHP performance
Friday, 13 July 2007
This is just a short post on a couple of performance increases you can do in your code that were kindly pointed out to me by WhiteAcid, when he looked through the source code of my captcha. I must admit I wasn’t aware of these slight improvements and I’m sure this post will inform a […]
Return of the Heyes Captcha
Thursday, 12 July 2007
When I first created my Heyes Captcha I thought I was onto a winner but I must admit it got ripped to pieces by the security community and was hacked in a matter of hours. But I’m persistent so I released another one with a similar outcome 🙂 but now I think I might have […]
Tracking without cookies part 2
Wednesday, 11 July 2007
I’ve been experimenting with the various ways of tracking a user without cookies or sessions and I came up with a unique way of doing so that I haven’t really seen documented anywhere. Using the script below you should receive a unique session id; if you then try the script in another browser it should […]
Tracking without cookies
Tuesday, 10 July 2007
I’ve created a simple script after discussions on a mailing list I’m a member of. The idea was to create a unique identifier without using a full IP address or cookies. It works using javascript to gather information about the browser (screen depth, user agent etc), it then takes all this information and creates a […]