HTTP response splitting and mail headers splitting attacks

There are two similar security issues, both taken care of by the Suhosin patch and by strict escaping/encoding rules. They both relate to injecting new lines into the headers of network protocols. They are not very well known and I think it's worth mentioning them.

HTTP response splitting is a web-based attack where an attacker manages to trick the server into injecting new lines into the response headers, along with arbitrary content. If you use GET/POST parameters in headers like Cookie or Location, then someone could supply new lines carrying an XSS payload.

A common example is a server redirecting to a new location based on some variable (like a URL parameter). To do it safely you should always encode, escape or cast strings before passing them to PHP's header() function.

Passwordless login with ssh - authorization keys generation

It is possible to log in to remote hosts via ssh without providing a password. This is especially important when creating automated scripts. With passwordless login we are able to execute commands on a remote machine without the need to keep passwords unsecured in the script code.

nc (netcat) used as a network debugging, sniffing and hacking tool

Netcat can be used in very many ways. It's a low-level network testing and debugging tool. As such it needs a bit of knowledge of how protocols and servers work, but once you pass that, netcat gives endless possibilities. I show here how to sniff forgotten passwords from our FTP client and how to connect manually to memcache and issue commands. All can be done with one-line commands or put nicely in a shell script.

Review - TCP/IP Vol. 1

I think it is a difficult book to read. Not because it contains some rocket science, but because it is very dry. It's hard to read, the examples are often confusing and the topic itself is not the easiest, I would say. I only read the Polish translation, so maybe the English version is a bit better.

I still believe it has so much information in it that I would recommend computing students check it out from the library and have a look. It has tons of information.

