Computers
Encrypting data with PHP using the phpSec library
Encryption is a easy and secure way of protection your data. phpSec implements symmetric encryption using the mcrypt library, end is extremely easy to use.
$data = 'This is some extremely secret information.';
$encrypted = phpsecCrypt::encrypt($data, 'secret key');
The above code will encrypt the $data string, using the "secret key". Note that you can also pass arrays to encrypt.
$encrypted will contain something like:
{
"cdata":"qLUmR1giVp01tVslDexNn4wKSFGTOD+v2PV1MuPs\/eL26IuUvM8+jQ==",
Cross-Site Scripting (XSS) in IDLogger website statistics version 7.7
------------------------------------------------------------------------
Cross-Site Scripting (XSS) in IDLogger website statistics version 7.7
------------------------------------------------------------------------
Author: Audun Larsen (larsen at xqus dot com)
Date: August 13, 2009
--AFFECTED SOFTWARE--------------------------
Name: IDLogger
Version: 7.7
Website: http://www.idlogger.com
Ditionary files
Dictionary files are files containing all kinds of words excellent for brute force password attacks.
Here are my collection. Some of them made by me, and other collected around the internett.
MD5 considered harmful - SSL to be considered broken?
A team of researchers (including one Norwegian) has managed to break the technology that issues trusted certificates for secure websites (SSL). As a proof of concept they executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers.
The long, official version and the short version. Happy reading.
Is security bugs just normal bugs?
I just got to ask you this: Is security bugs just normal bugs? Or should they be treated special?
The reason I ask, is because of a statement made by Linus Torvalds in a discussion on the Linux kernel mailinglist just a few days ago.
So I personally consider security bugs to be just "normal bugs". I don't
cover them up, but I also don't have any reason what-so-ever to think it's
a good idea to track them and announce them as something special.
Drupal selected as Sourceforge 2008 community choice award finalist in five categories
Drupal is a finalist for the SourceForge 2008 Community awards in not less than 5 categories.
- Best project
- Best project for Enterprise
- Best project for Educators
- Best Tool or Utility for Developers
- Most Likely to Change the World
Sweet!
Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search
I just posted this to Bugtraq, so I'll post it here to.
------------------------------------------------------------------------
Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search
------------------------------------------------------------------------
Author: Audun Larsen (larsen at xqus dot com)
Date: Dec 29, 2007
--AFFECTED SOFTWARE--------------------------
Name: phpWebSite
Version: 1.4.0
Release date: Dec 11, 2007
Developed by the Web Technology Group at Appalachian State University,
phpWebSite provides a complete web site content management system ( CMS ).
Clearing the content of a file
This is mostly a note for myself, but sharing is caring.
To clear the content of a file:
$ echo "" > filename
To fill a file with junk:
$ cat /dev/urandom > filename
Search
Archive
- December 2011 (5)
- August 2011 (1)
- July 2011 (2)
- March 2011 (1)
- February 2011 (2)
- January 2011 (1)
- August 2009 (3)
- January 2009 (3)
- December 2008 (3)
- September 2008 (1)
User login
