Archived; click post to view.
Excerpt: … for spammers, anyway. Upgrading WordPress often might just help!
On the other hand, you could still wake up and find out your blog looks like this after a zero-day attack —
That's probably a bad thing. But, in fact, many of us in the blogosphere have enjoyed this particular problem.
And it's not quite as much fun as the blue pill.
In the worst case, it's not just spam, it's badware or viruses. And then Google won't want to cohabit with you ever again.
Well, you'r…
Excerpt: You thought cheap webhosting was a bargain. Maybe … but bad webhosting isn't just a bummer — it can get you delisted, added to badware lists, etc.
And it doesn't have to be your fault (directly, anyway).
Use IX Web Hosting | ixwebhosting.com web hosting at your own risk. One day you might just get hacked and/or defaced. Even worse, you might be — courtesy of some Turkish hacker — installing malware on users' computers by proxy. The hackers seem to be pretty good…
Excerpt: I guess I think like a hacker, because I thought of this before seeing RSnake's post about finding vulnerabilities with Google Code Search. If you want to find lots of PHP-based web applications that are likely vulnerable to HTML injection, try this search out: lang:php (print\(|echo)\s\$_(GET|REQUEST) This says "Find all PHP code that calls 'print' or 'echo' to display $_GET or $_POST (likely) without escaping anything." What a great way to find places to inject stuff…
Excerpt: This recent article mentions that XSS and HTML injection are quickly eclipsing the traditional stack smashing and SQL tainting attacks in popularity. But why? I posit that the reason is simple — XSS & HTML injection vulnerabilities are frighteningly trivial to find. I will demonstrate the relative ease of finding injection points in this article. I wrote a script that sniffs out hundreds of such vulnerabilities rapidly and automatically, in fact.
Both XSS & H…
Excerpt: I was playing around with the What is Hosted on that IP? tool I just published, and some of what I found is a bit scary. I see cases where there are a few relatively legitimate sites nestled on the same IP with hundreds of spammy sites. Needless to say, this is a liability. Suppose I am a devious SEO who does not like my competitor very much. My competitor is also a big cheapskate. He uses the "Beginner Hosting" package from some fly-by-night web hosting company …
Excerpt: Most deployed versions of Apache are potentially exploitable, as mod_rewrite has been found to be vulnerable to a stack smashing attack. It is somewhat muted by the fact that only certain rules cause the problem. The vulnerability is caused by an off-by-one error — the most common programming error known to man. Many SEOs use mod_rewrite, but not all will be affected; I checked my rules, and I am not exploitable (otherwise I wouldn't post this), but I'm …
Excerpt: Note: the code for the auditing script is located here.
As a programmer, I cannot stress it enough. What is it? Escaping all data processed by your web application's code! It's a common security issue, but most people are only accustomed to it, these days, in the context of SQL. Every programmer worth his salt knows that he must escape/sanitize data sent to a SQL database. Otherwise, carefully-constructed input can form a totally cool query that exposes and/or vandalizes data. Despite this,…