AppSec Blog

Spot the Vuln - Grammys - Cross Site Scripting

Details Affected Software: Corpse C&C Fixed in Version: ? Issue Type: XSS Original Code: Found Here Details Fairly straightforward XSS bug here. This week's bug can be found in the index.php file for the Corpse C&C. Specifically, the index file located at Corpse/info/socks/index.php. Buried deep within the print statement starting on line 30 are two … Continue reading Spot the Vuln - Grammys - Cross Site Scripting


Bypassing ValidateRequest in ASP.NET

In this post, I am going to explain another technique that can be used to bypass the Validate Request filter in an html element context. This technique uses a different character encoding to bypass the blacklist checks that are done. To recap, ValidateRequest returns false when the following conditions are met:


Spot the Vuln - Grammys

The last thing I want is to walk into my house after a long day and see all the Grammys and awards. It would make me feel weird. Alicia Keys Spot the Vuln uses code snippets from open source applications to demonstrate vulnerabilities in real world web applications. Every Monday morning a vulnerable code snippet … Continue reading Spot the Vuln - Grammys


Spot the Vuln - Writing - Fake XSS and XSRF

Details Affected Software: EOF-0x01 Fixed in Version: ? Issue Type: XSS and XSRF Original Code: Found Here Details This week, we had a couple of bugs here affecting EOF-0x01 Command and Control. A red herring is the use of echo($_POST['pw']); to build HTML markup. Upon first glance, this seems like a straight forward XSS bug. … Continue reading Spot the Vuln - Writing - Fake XSS and XSRF


ASP.Net 4: Change the Default Encoder

In ASP.Net 4.0, Microsoft added the ability to override the default encoder. This is specifically focused on the HTMLEncode, HTMLAttributeEncode, and URLEncode functionality. These functions are used, in the eyes of security, to help mitigate cross-site scripting (XSS). The problem with the built in .Net routines is that they are built on a black-list methodology, … Continue reading ASP.Net 4: Change the Default Encoder