Just a quick note to announce the start of dotnetids, a port of phpids to the .NET Framework. http://code.google.com/p/dotnetids/ dotnetids was originally published by Martin Paul Eve at Martin Paul Eve on May 25, 2007.

This morning I knocked up some proof of concept code to illustrate the retrieval of one-time authentication tokens. The situation in which this is handy is when a site follows best practices and implements a one-time authentication token, but is vulnerable to a XSS attack. A one-time authentication token is a hidden value implanted into either a link or form.

Enter JavaScript in the box below and press "encode": Encode String.fromCharCode Encoder was originally published by Martin Paul Eve at Martin Paul Eve on May 23, 2007.

This page is designed to give an overview of Cross Site Scripting attacks on web sites, how they come into being, how to exploit them and how to protect against them. To fully comprehend Cross Site Scripting, or XSS as it is known (CSS is NOT used as an abbreviation because it causes confusion when talking about Cascading Style Sheets), it is necessary to have a basic understanding of (X)HTML, JavaScript and Server Side Scripting.

GNUCITIZEN has been going on about this for some time now, but the truly devastating impact of what he has been saying only actually hit me today when reading about his JavaScript interface to Johnny's Google Hacking Database. The scenario is as follows. The interface contains NO SERVER SIDE SCRIPTS and no iframes or other such methods for loading offsite data but instead utilises the JSON data format to include remote script files.

ha.ckers are reporting that their book on Cross Site Scripting has finally been released! Buy a copy at Amazon! RSnake + Jeremiah Grossman's Book Released was originally published by Martin Paul Eve at Martin Paul Eve on May 20, 2007.

Stefano Di Paola presented an interesting paper on Flash security at OWASP 2007 which highlights the dangers of HTML being rendered from within Flash via GET querystrings. Of particular note is the non-sanitization of comments (filter evasion by // .jpg) so check it out. XSF: Cross Site Flashing was originally published by Martin Paul Eve at Martin Paul Eve on May 19, 2007.

Just a quick note to point out this invaluable resource for those interested in XSS attack vectors; rsnake's XSS Cheat Sheet. XSS Cheat Sheet was originally published by Martin Paul Eve at Martin Paul Eve on May 16, 2007.

kishord today presents a tool, called XSS in eXceSS and hosted by .mario that will allow you test attack vectors against a page in different contexts. On top of that it also incorporates PHP IDS, allowing you to skip whichever rules you choose. From kishord's post: Good stuff! XSS in eXceSS: A "learn-XSS tool" was originally published by Martin Paul Eve at Martin Paul Eve on May 16, 2007.

For those who haven't yet seen this, .mario and christ1an over at sla.ckers has been working on a PHP Intrusion Detection System and the results are fairly promising! The system is based on regular expressions and seems to catch everything I've jammed into it so far.

As the title says, heise Security have found a backdoor in the Artmedic CMS system. The interesting question is how this backdoor was implanted - giving the benefit of the doubt it's possible that the development server was compromised and the code injected (the changes date back to the 2nd of May), but on the other hand the developer's not to heise's emails could be indicative of something more sinister.