forum PTSec


Microsoft and SQL Injection

Microsoft recently started offering a tool for protection against SQL Injection (SQLI) attacks. More precisely, the tool analyses the source code of web pages to detect whether they are vulnerable to this type of attack. The initiative follows the mass SQLI attacks from the beginning of the year.

More information at Ars Technica:
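To illustrate what a source-code scanner for SQLI has to look for, here is a small added example (not Microsoft's tool, nor code from this blog): a simplified taint heuristic over a constructed PHP fragment that flags query strings built by concatenating request input, while leaving a parameterized query alone.

```python
import re

# Constructed PHP sample (not from any real site): two queries built by
# string concatenation with request data, one parameterized with PDO.
SAMPLE_PHP = r'''$id = $_GET['id'];
$res = mysql_query("SELECT * FROM users WHERE id = " . $id);
$name = $_POST['name'];
$q = "SELECT * FROM users WHERE name = '" . $name . "'";
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$_GET['id']]);
'''

SUPERGLOBALS = {"$_GET", "$_POST", "$_REQUEST", "$_COOKIE"}
# A string literal that starts a SQL statement.
SQL_START = re.compile(r'["\']\s*(SELECT|INSERT|UPDATE|DELETE)\b', re.I)
# A plain assignment that copies request input into a local variable.
ASSIGN_FROM_REQUEST = re.compile(r'^\s*(\$\w+)\s*=\s*\$_(GET|POST|REQUEST|COOKIE)\b')
# A variable glued to a string with PHP's "." concatenation operator.
CONCAT_VAR = re.compile(r'\.\s*(\$\w+)|(\$\w+)\s*\.')


def find_sqli_candidates(php_source):
    """Return (line_no, line) for every line that concatenates a variable
    carrying request input into a SQL statement string.

    Heuristic only: taint is tracked per direct assignment from a
    superglobal, and a parameterized query contains no concatenation, so it
    is not reported. Real tools also follow data across functions and files.
    """
    tainted = set()
    findings = []
    for no, line in enumerate(php_source.splitlines(), 1):
        m = ASSIGN_FROM_REQUEST.match(line)
        if m:
            tainted.add(m.group(1))  # e.g. "$id" now carries request data
            continue
        if not SQL_START.search(line):
            continue
        concat_vars = {a or b for a, b in CONCAT_VAR.findall(line)}
        if any(v in tainted or v in SUPERGLOBALS for v in concat_vars):
            findings.append((no, line.strip()))
    return findings


if __name__ == "__main__":
    for no, line in find_sqli_candidates(SAMPLE_PHP):
        print(f"line {no}: possible SQL injection: {line}")
```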

Report on sites with "badware"

A report with statistics on sites hosting "badware" has just been published. China stood out in first place:

Hacking and search engines

GHH - "Google Hack" Honeypot

"GHH is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a “Google Hack” honeypot. It is designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.

(...) Google (...) allows for searching on an immense amount of information. The Google index has swelled past 8 billion pages [February 2005] and continues to grow daily. Mirroring the growth of the Google index, the spread of web-based applications such as message boards and remote administrative tools has resulted in an increase in the number of misconfigured and vulnerable web apps available on the Internet.

These insecure tools, when combined with the power of a search engine and index which Google provides, result in a convenient attack vector for malicious users. GHH is a tool to combat this threat."

GHDB - Google Hacking Database

"We call them 'googledorks': Inept or foolish people as revealed by Google. Whatever you call these fools, you've found the center of the Google Hacking Universe!"

Peach: a cross-platform fuzzer

This looks interesting:

Peach is a cross-platform fuzzing framework written in Python. Peach can fuzz just about anything from COM/ActiveX, SQL, shared libraries/DLLs, network applications, web, you name it.

"Ransom" means "resgate" in Portuguese. "Ransomware" is a new term for malicious software whose goal is to demand a ransom from the victim. Typically this kind of software encrypts files, and the victim has to pay a ransom to have them decrypted.

Some posts on the subject from the Zero Day blog:
Blackmail ransomware returns with 1024-bit encryption key
Who’s behind the GPcode ransomware?

SQL injection

I was reading this post about the SQL injection attacks I have already written about on this blog, and found this definition of SQL injection:

a SQL injection attacks and compromises back-end databases courtesy of vulnerable Web pages

PHP Shell

Another useful application that is obviously a big security problem:

PHP Shell

PHP Shell is a shell wrapped in a PHP script. It’s a tool you can use to execute arbitrary shell-commands or browse the filesystem on your remote webserver. This replaces, to a degree, a normal telnet connection, and to a lesser degree a SSH connection.

You use it for administration and maintenance of your website, which is often much easier to do if you can work directly on the server. For example, you could use PHP Shell to unpack and move big files around. All the normal command line programs like ps, free, du, df, etc… can be used.

Interesting documents

Best Practices for the Design and Development of Critical Information Systems
European Committee for Standardization (CEN)

Software Assurance: An Overview of Current Industry Best Practices
Software Assurance Forum for Excellence in Code (SAFECode)

Links on critical infrastructure protection

Digital Bond - securing the critical infrastructure

SCADApedia - a resource for control system security and IT related issues in control systems

Vulnerability Notes - US-CERT's detailed explanations of vulnerabilities in SCADA systems

SCADA security resources

Honeypots for SCADA

SCADA honeynet

SCADA HoneyNet Project

Security in Visual Studio, .NET, etc.

Visual Studio Programmer's Guide for the .NET Framework

Report on the economy vs. malware (OECD)

The OECD has published a report titled "Malicious Software (Malware): A Security Threat to the Internet Economy" (pdf). According to Ars Technica, it is one of the best texts available on the subject:

"The study (...) is notable for its breadth. Unlike many security reports, which focus on a single issue or type of threat, OECD examines how various types of malware function, the changing shape of the industry's business model, the role governments and international governmental organizations play in halting malware distribution (or, in some cases, facilitating it), and the various incentives and disincentives that might effectively retard the growth and reduce the impact of malicious software."