Author Archives: erielt

Subverting SSL with SSLstrip

Posted on March 13, 2009 by erielt

At the recent Black Hat security conference, independent hacker Moxie Marlinspike gave a speech about his new tool sslstrip and the techniques that it uses to subvert SSL on a network (a write up can be found at http://www.itpro.co.uk/609932/website-danger-as-hacker-breaks-ssl-encryption and … Continue reading

Posted in Current Events | Comments Off on Subverting SSL with SSLstrip

XSS in the Wild (Updated)

Posted on February 20, 2009 by erielt

When I recently tried to look up some information about the song L’America by The Doors, I stumbled upon the site songfacts.com (http://www.songfacts.com/detail.php?id=278). At the site, I was immediately greeted by a popup box cheerfully proclaiming “HAI2U”. After having dealt … Continue reading

Posted in Miscellaneous | 8 Comments

Smashing the Lab for Fun and Profit

Posted on February 5, 2009 by erielt

Since many people are probably busy working on or wrapping up lab 2, I thought it would be a good time to post a security review based on some interesting findings that I discovered in the course of completing the … Continue reading

Posted in Security Reviews | 1 Comment

Security Professional Works as Botmaster

Posted on January 30, 2009 by erielt

Security Professional John Schiefer has continued to work in the computer security field for 15 months while he has been waiting to be sentenced for being a botmaster of a 250,000 bot herd (http://www.theregister.co.uk/2009/01/23/botmaster_sentencing_kerfuffle/). This Los Angeles based security consultant … Continue reading

Posted in Current Events, Ethics | 2 Comments