Saturday 11 August 2012

Changes

I want to announce that in the near future the blog's authors will get involved in commerce, that is, they will not only keep doing what they have been doing for fun, but will also earn money from it. If you are an RTU student wondering where to find an internship and you are interested in security, or insecurity, on the web, write to us and we will find a use for you. To everyone else I can only say that we will keep writing about security, regardless of the fact that der4444 already works for the FBI and VietMafia has his own business, so r0t will possibly work with cembo under some SIA secured systems.

Saturday 4 February 2012

Everything Continues

I am writing in Latvian because at the moment I am far from vulnerability hunting.
Right now I am working to earn a living for myself and my family, and I have no time left to do science.
Of course, if some investor turned up who wanted to raise his security company to the skies, then we could use our potential.
But in general I am not abandoning this for good; some day, even if it is in 10 years, I can resume it and set new records in this small niche.
In any case I can say that there will be nothing on my so-called blog in the near future, but I have not forgotten where I belong and what my duties are, so it is not game over yet.
We will yet show that Latvians are either the best or among the best hackers in the world!

Wednesday 15 September 2010

XSE shopping cart XSS vuln.

###############################################
Vuln. discovered by : r0t
Date: 15 September 2010
vendor: http://www.ecommercesoft.net/
affected versions: 1.5.3.0 / 1.5.2.1;
other prior versions may also be affected.
###############################################

XSE shopping cart contains a flaw that allows remote cross-site scripting attacks. Input passed to the "id" parameter in "default.aspx" and the "type" parameter in "SearchResults.aspx" isn't properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.


##############################################

Solution:
Filter malicious characters and character sequences in a web proxy.
###############################################

Sunday 12 September 2010

Open Classifieds version 1.7.0.2 XSS Vuln.

###############################################
Vuln. discovered by : r0t
Date: 12 September 2010
vendor: http://open-classifieds.com/
affected versions: Open Classifieds version 1.7.0.2,
Open Classifieds version 1.7.0;
other prior versions may also be affected.
###############################################

Open Classifieds contains a flaw that allows remote cross-site scripting attacks. Input passed to the "desc", "price", "title" and "place" parameters in "index.php" and the "subject" parameter in "contact.htm" isn't properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.


##############################################

Solution:
Filter malicious characters and character sequences in a web proxy.
###############################################

Saturday 11 September 2010

new r0t FAQ edition 0.91 alfa

r0t FAQ edition 0.91 alfa

Hi again,
I'm r0t, who reports mostly about new SQL/XSS attack vulnerabilities on the net.
So there are some things that I want to make clear:

1) You aren't correct with your report.


1. Every one of my vulnerability reports is automatically reported to the biggest vuln. research teams/bugtraq sites (secunia, osvdb, frsirt, security.nnov.ru). So that means either you are more skilled than all of us together or you mis.. some stuff. 99% of all my reports are later verified by the biggest and best vulnerability researchers in the world.
So I have mistakes in my reports too, because sometimes I report a vuln. for software which doesn't have any public demos or trial versions, and my tests are only done on a "case study" or on clients who use that software.
Because of that, vuln. researchers who try to verify my report after me sometimes have big problems with it, because who wants to test on real examples, and of course it's illegal, so you can only imagine how it is to prove something by doing tests on bank sites and .gov sites.
About that, of course I have problems with governments, police and other structures who fight vs. "hackers" at all, but it's my problem, not yours.
Does it mean that I have broken laws with my tests and reports?
Yes, of course, but as I used them only for testing and reporting, I can answer in any justice for that, for my tests and reports.




2) Next time report to the vendor!

2. Why don't I report to vendors about vulnerabilities? There were a few times when I did report, and one of them was to Vbulletin, my favorite forum developers; when I didn't get answers to a few reports in some weeks, I automatically forgot about reporting to vendors. Of course not all vendors are like one vendor, and one vendor isn't like the others.




3) It isn't professional when you don't report to vendors.

3. Look, if you are one of those vendors who are listed on my blog, that shows that you made a mistake in your work and your product was unsecured, and that means that you aren't professional. I'm not a developer, I'm only a pentester.




4) Give me a live example.

4. If you aren't from Secunia, frsirt, osvdb or a vendor, I will not provide you with any live examples or HowTo's. So anyway forget about that and RFM!




5) We have fixed that in the new release, delete your report.

5. Look, I'm very glad that you have fixed that vuln., but the vulnerable version of the software you developed is already in use and many people will use it for a while.
They are my reports and nothing will be deleted unless I recognize that it was my mistake.

6) You are a hacker.

6. I never had the idea that I'm a hacker; a hacker for me is a guru in skills and knowledge that I don't have. I only do my "job": I report about insecure systems, with the wish that not the vendor but the software's potential user will know about insecure systems, so that it will be easier for him to choose which software he will use in his project.
Yes, of course I admit and moderate some hacker and security boards now, but there I am under another "ID", because sometimes being r0t can be very dangerous.





PS.
I hope this FAQ will give answers to most of your questions; if you have any other questions about me or my reports you can mail me: krustevs[at] gmail.com

Thursday 9 September 2010

NetArtMEDIA Real Estate Portal v2.0 XSS vuln. + NetArtMEDIA lfi.

###############################################
Vuln. discovered by : r0t
Date: 09 September 2010
vendor: http://www.netartmedia.net/realestate/
affected versions: NetArtMEDIA Real Estate Portal v2.0;
other versions may also be affected.
###############################################

NetArtMEDIA Real Estate Portal v2.0 contains a flaw that allows remote cross-site scripting attacks. Input passed to the "id" parameter in "AGENTS/index.php" isn't properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

For successful exploitation you must be logged in.
##############################################

Solution:
Filter malicious characters and character sequences in a web proxy.
###############################################


+ bonus LOCAL FILE INCLUDE VULN. IN NetArtMEDIA products.

Almost all NetArtMEDIA products have a local file inclusion vuln.
For example, in Real Estate Portal v2.0 it is in the "folder" and "action" parameters in "AGENTS/index.php";
for the other products, also check the "action" parameter for local file inclusion.
The vendor website is running on the product "WebSiteAdmin v2.1" (http://www.websiteadmin.biz/), where the local file inclusion is through input in the "lng" parameter in "ADMIN/login.php".


=====================================================================================

iBoutique.MALL 1.2 XSS vuln.

###############################################
Vuln. discovered by : r0t
Date: 09 September 2010
vendor: http://www.netartmedia.net/mall/
affected versions: iBoutique.MALL 1.2;
other versions may also be affected.
###############################################

iBoutique.MALL 1.2 contains a flaw that allows remote cross-site scripting attacks. Input passed to the "tmpl" parameter in "index.php" isn't properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
##############################################

Solution:
Filter malicious characters and character sequences in a web proxy.
###############################################
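
The "Solution" lines in the advisories above all call for filtering at a web proxy, and the NetArtMEDIA bonus section names include parameters as well. A sketch of such a request check, added here as an example and not code from r0t or any of the vendors: it covers only the script and parameter names listed in the advisories. The accepted value shapes, the function names and the `example.test` URLs are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Characters that let a reflected value leave HTML text or a quoted attribute.
MARKUP = re.compile(r"[<>\"'`]")
# Assumed shape for a value that selects a file: a bare name, no separators.
BARE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")

# (script, parameter) pairs named in the advisories on this page.
REFLECTED = {
    ("default.aspx", "id"), ("searchresults.aspx", "type"), ("index.php", "tmpl"),
    ("index.php", "desc"), ("index.php", "price"), ("index.php", "title"),
    ("index.php", "place"), ("contact.htm", "subject"), ("agents/index.php", "id"),
}
INCLUDED = {
    ("agents/index.php", "folder"), ("agents/index.php", "action"),
    ("admin/login.php", "lng"),
}

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so that %253C is judged as '<'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def listed(pairs, path, name):
    """True if this script/parameter combination is one of the listed pairs."""
    return any(path.endswith("/" + script) and name == param
               for script, param in pairs)

def check_request(url):
    """Return (parameter, reason) pairs for values the proxy should refuse."""
    parts = urlsplit(url)
    path = parts.path.lower()
    findings = []
    for name, raw in parse_qsl(parts.query, keep_blank_values=True):
        value = fully_decode(raw)  # parse_qsl has already decoded once
        if listed(INCLUDED, path, name) and not BARE_NAME.fullmatch(value):
            findings.append((name, "include parameter is not a bare name"))
        if listed(REFLECTED, path, name) and MARKUP.search(value):
            findings.append((name, "markup character in reflected parameter"))
    return findings

if __name__ == "__main__":
    # Constructed sample requests; example.test is a placeholder host.
    for url in ("http://shop.example.test/SearchResults.aspx?type=%253Cb%253Ex",
                "http://site.example.test/ADMIN/login.php?lng=en"):
        print(url, check_request(url))
```

Rejecting quote characters will also block some legitimate text in fields such as "title". A filter like this is a stopgap until the applications encode these values on output and map include parameters to a fixed list of files.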