news ... ./

 

user comments
name
email
comments
 
smtp relay check
mailserver:
e-mail:
more info
translate to ...
language:
 
[1] . [2] . [3] . [4] . [5] . [6] . [7] . [8]
EyeonSecurity
Nekromantic
EyeonSecurity Forums
Ob5cureDotCom
elfqrin swg help net security
frame4 security hacker gurus computerglitch
gotr00t b0iler hackinthebox
nekromantic.com astalavista.net wand products
security-protocols
adv-knowledge rootshell wbglinks
security.nnov.ru
 
Copyright © 2001,2002 eyeonsecurity Inc., All Rights Reserved. No portions of eyeonsecurity may be used without express, written permission
 

August 10 2020...
A few more years later. Back in 2008 I founded Enable Security, where we offer penetration testing, especially focused on real-time communications systems. Eye on Security has of course not been updated since years but please visit Enable Security if you are interested in our latest and greatest :-) In the meantime, I've been keeping this site up for historic reasons.

October 09 2007...
A few years later. I've been busy with several private projects and some public ones. Like [Maltainfosec], [SIPVicious] and [GeekBazaar]

July 25 2003...
Fixed a mistake in the advisory regarding CGI.pm - the issue was fixed by the CGI.pm author in version 2.94. The original advisory posted to bugtraq stated that the author never fixed the XSS - this was incorrect. It was fixed on CPAN - but I was checking L.Stein's personal website rather than CPAN [link].

July 19 2003...
It had seemed like EoS was sleeping ... sleep no more for here comes a new advisory which involves CGI.pm (Perl module). Some articles need updating also - thats coming soon.

December 13 2002...
Updated [this] document to point to Macromedia's article about AllowScriptAccess parameter - thanks to Bertrand Saint-Guillain.

December 03 2002...
Published a list of software and online services vulnerable to Flash XSS attacks [here]. Most software/services were already published in the original paper - Thanks to Matt Murphy for the addition of Invision Board. Check out his [post] for more details.

November 30 2002...
Made public the MDaemon password decoder script. Check it out at perl.ob5cure.com!

October 30 2002...
MS still busy with loads of bugs - but I just wanted to remind them that their XSS problems with MSN groups are still there and they've been these since .. the beginning I guess.. but EoS published them on June.
Follow these links to learn your own MSN/Hotmail/Passport/whatever cookie:
evil Flash file
evil HTML file.

October 29 2002...
Silicon.com: They might have covered Cross site scripting attacks on other sites - wonder if they will cover their's. ;-)

October 04 2002...
EyeonSecurity has now moved to .org instead of .net. Some stuff on .net still works but the rest is on EyeonSecurity.org. We also have a new affiliate .. security.nnov.ru - which is a very informative security resource from RU.

September 18 2002
Small change in design - the asian chix are getting boring - plus I'm getting complaints from porn site masters that I'm stealing their visitors - so there goes - we got drew instead.

September 14 2002
New tools - DNS-Tools.Some online tools to ease basic information gathering about hosts - such as finding out your ISP's mail (SMTP) servers, resolving from name to IP address etc.. [link!]

September 04 2002
I put up a script to decode the MSN Messenger password. Check it out on perl.ob5cure.com.

August 26 2002
Updated Bypassing JavaScript Filters – the Flash! Attack to reflect suggestions by Bertrand Saint-Guillain.

August 22 2002
New affiliate [zone-h]!!

August 09 2002
Been workin with WAP/t39 etc - check out http://ob5cure.com/. Will also put up some scripts on http://perl.ob5cure.com/. Get inspired and educated [here].

August 08 2002
Design update - new asian chic on the left and new colors. Comments welcome .. using the comments box.

July 28 2002
A new advisory called "MSN Groups makes cross site scripting easy" is out!! GET IT NOW. Actually this is something I've already published but no one cared about - maybe this generates some reaction.

July 23 2002
NO EyeonSecurity is NOT dead - just had a long summer nap :). In the meantime we moved servers etc.
* Updated the format of all papers. Especially Check out the "Microsoft Passport Account Hijack Attack".
* We now 0wn EyeonSecurity.org
* There's also ob5cure.com - which will be something a bit different from EoS probably :)

Coming up:
* An advisory about MSN - usual cookie stealing / XSS attacks :)
* ob5cure.com and EyeonSecurity.org
* give more life to the EoS Forums
* any more ideas? [contact me] | use the comments box | forums

June 26 2002
Been quite busy moving servers + updating the format of the papers section. Everything should be back to normal ASAP. When it is I plan to issue a new advisory and start on some new research. [this is more forums promotion].

June 18 2002
Macromedia has released a technical document about the Flash XSS method. You can check it out [here]. Some more information [here]

June 17 2002
Updated the format of "When your server ends up a Warez site". I'll be converting all papers to this format and changing any papers which are not up to date.

June 14 2002
Looks like the latest paper was a success :) I am currently working on updating the rest of the papers and am thinking of publishing some pending advisories. More about this at the forums.

June 05 2002
Published a new paper titled Bypassing JavaScript Filters – the Flash! Attack. Covering ways to launch Cross site scripting attacks by making use of Flash content. You might wanna discuss this in the Forums.

June 01 2002
I've been working on a new paper since last weekend + contacting the people involved. Should be out real soon. Meanwhile check out [wiretapped] and [da forums]~!

May 30 2002
Coming near you.. EyeonSecurity Forums!!
Actually this is something I wanted to do a long time ago - have an open discussion forum. Please visit and post [here].

May 24 2002
After reading [this] article I decided I wanted a free account for myself .. so check out this Anonymizer link .. should be patched real soon.
A good paper about CGI script exploitation by our affiliate b0iler : [here]

May 11 2002
Posted a PDF (pee-di-eff) version of the Extended form attack paper [here]! We also have 2 new affiliates - Advanced Knowledge and WBG links. Enjoy~!

May 07 2002
A new advisory about WorldClient and MDaemon is out! Recommended checkin out. We also have new affiliates - the guys from Frame4 Security Systems. Also put up a new example for the Extended form attack (which is still unpatched !) for Internet Explorer (and Opera - which was patched immediately).

May 03 2002
News.com published an article - where they feature "Microsoft Passport Account Hijack Attack" alongs with *original* quotes from Obscure :-) .. check it out [here]. New advisory on the way ... maybe next week. Oh yea .. and we have a new user on EoS: b0iler. Welcome - check out http://b0iler.eyeonsecurity.org/.

April 24 2002
Published a text on How to hack hotmail on Nekromantic.com. That's right - this my revenge to all those kiddies who bombard me with questions about hacking their ex-girlfriend's hotmail account.

April 20 2002
Microsoft has not yet patched the exploit in Internet Explorer described [here]. It's now 2 months since this vulnerability was made public .. on the other hand Opera fixed it within a week or so. A non-EoS demonstration is available [here]. Seems like my demo doesn't work any more since EBay changed their mail server configuration.
You guys might also enjoy browsing www4.cnn.com (CNNSI)-> specifically these links :
http://www4.cnn.com/graveyard/
http://www4.cnn.com/.includes/
http://www4.cnn.com/.latest/
http://www4.cnn.com/premium/
http://www4.cnn.com/stats/
Well i guess nothing's wrong with directory listing - happy hunting ;-)

April 11 2002
Just for your enjoyment I will be filtering out any hotmail password requests. It getting quite sick - i get stuff like this daily:
name: babina
email: shresthababina@hotmail.com
host: 64.29.78.156
referer: http://www.eyeonsecurity.org/papers/passporthijack.html
comment: forgot the dpassword
Yea right.
Anyways I've added a new tool which converts from base64 to plain text .. and vice versa - handy for decoding a lot of weak password scemes (eg. HTTP basic authentication). Check it out [here].
My sister site news: we've been adding some irc log files on Nekromantic.com.

March 30 2002
Added the ability to translate pags to different languages. Check out the "translate to" thing on the lower right hand side. Should you have a problem locating this brand new feature.. just let me know.

March 12 2002
Seems like the IMail advisory was published by Zillion of safemode.org. Oh well. Also people using HTTPS to access their IMail account, do not seem vulnerable to this attack as the referer field is stripped. THis was tested with Mozilla 0.9.8 as well as Internet Explorer 6. New affiliate: security-protocols.com

March 10 2002
Finally I put up the IMail and Excite WebMail exploit tool and published the related advisory. This is a link to an interesting article by Shad Mortazavi on Newsviews [link] regarding remote commuting versus security issues + VPN etc. :D

March 08 2002
Total change in design. I opted for a more alternative one than the former design which was getting a bit too boring. besides .. asian lovers will like the image on the left :)

Also added a comments box for comments on all pages ... and added an "Eye on Security in the news" page in the misc section.

Coming up - some simple exploits *wink wink*. Umm and check out this [page] and [this] .... kewl stuff guaranteed *cough*. If you notice anything wrong broken links/scripts etc .. please let me know (use the comments box on the left .. unless that is what is broken).