Exclusive Updates from 'Rafay Hacking Articles'

Newsletter

Latest News Oct 23, 2014

A Tale Of Another SOP Bypass In Android Browser < 4.4


Since my recent Android SOP bypass [CVE-2014-6041] triggered a lot of eruption among the infosec community, I was motivated to research a bit more upon the Android browser. It turns out that things are much worse than I thought: I managed to trigger quite a few interesting vulnerabilities inside of the Android browser, one of them being another Same Origin Policy bypass vulnerability. The thing that makes it worse was the same SOP bypass was already ...

Indepth Code Execution in PHP: Part Two



This is a continued post from Code Execution in PHP; you can read the first post here. If you haven't read that before, please go ahead and read it first, or else you would have a problem understanding the second part. ...

Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041

Introduction

Same Origin Policy (SOP) is one of the most important security mechanisms applied in modern browsers. The basic idea behind the SOP is that JavaScript from one origin should not be able to access the properties of a website on another origin. The origin is formed by the combination of scheme, domain and port, with the port being an exception in IE. There are some exceptions to the SOP, such as the location property and objects with a src attribute. However, the fundamental idea is that different origins should not be able to access the properties of one another. ...

Remote Code Execution in PHP Explained - Part 1


This is a two-part article about code execution in PHP. It's a very detailed article and contains references from other sources as well. I will discuss some of the mistakes made by PHP developers which result in Remote Code Execution vulnerabilities. It's no secret that PHP is an easy language to code in; however, a lot of new PHP developers lack knowledge of basic security principles, which results in poorly written web applications that often introduce critical vulnerabilities. ...

Android Browser + Messaging App DOS


While being impressed by Collin Mulliner's research on smartphones, I found myself very curious, trying to find vulnerabilities inside them, and I found several. ...

Rafay Hacking Articles | Karachi, Pakistan 44000
Contact: rafayhackingarticles@gmail.com

Latest News Oct 21, 2014

A Tale Of Another SOP Bypass In Android Browser < 4.4


Indepth Code Execution in PHP: Part Two



Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041

Remote Code Execution in PHP Explained - Part 1


Android Browser + Messaging App DOS

