Hey Everybody! Welcome to this week's HackerKast!
Next, in a related ad network story, we talked about the IAB writing a blog post announcing they would encourage all their members and partners to use SSL properly. This got a chuckle from us because the advertising industry is advocating security. If this happened, SSL everywhere would be one step closer to being feasible without breaking ad networks. It would also have stopped China from Man-in-the-Middling these ads and injecting anything into them.
Also related, Jeremiah touched on a post put out by Cisco praising ad blocking as a way to combat drive-by malware downloads. We all got a laugh out of this, as we've been saying it for years, so for somebody like Cisco to say it is funny. None of us are against the idea of advertising completely, but it is dangerous on the Internet.
Back to the hacking, Robert talked about the Syrian Electronic Army hacking the umbrella company that owns BlueHost, Justhost, Hostgator, and more. Due to a few VPN hacks, the SEA is claiming they got access to the administrator panels on all of these shared hosting providers, and in turn to their customers. This was a hacktivism-motivated event: these shared hosting providers were hosting Islamic State websites, which the SEA is against. We wrapped up this topic with some thoughts on overall shared hosting security; it seems to us like a big single point of failure on the web.
In other hacking news, a creative bounty hunter found some fun XSS recently and displayed it in a fun way. This researcher found an XSS bug in Google that worked not only on the .com domain but on *every* Google TLD around the world. This led them to create a YouTube video called "Google XSS World Tour", with some fun classical music and an ever-redirecting browser demonstrating the XSS working on many international Google domains. One bug to rule them all… or something like that…
Last, we talked about a PHP file upload vulnerability that was found this week. It seems there is a core PHP function called move_uploaded_file which is vulnerable to a clever bug that bypasses file type validation. With just the addition of a null byte at the end of your file name, you can upload any file type you'd like and execute malicious code on the PHP web server. A quick search on GitHub for move_uploaded_file returns 245,006 results of code using this vulnerable function.
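The defensive side of the move_uploaded_file story is that the client-supplied filename should never decide what gets written to disk. The handler below is an added example written for this post, not code from the HackerKast episode or from PHP itself; it assumes a form field named `upload` and an `uploads/` directory that the web server is configured to serve without executing scripts. It rejects any control character (including NUL) in the submitted name, determines the type from the file's contents rather than its name, and writes to a server-generated filename whose extension comes from a whitelist, so the original name never reaches the filesystem at all.

```php
<?php
// Added example, not from the original post: a hardened PHP upload handler.
// Assumptions (hypothetical): form field "upload", destination directory
// "uploads/" served with script execution disabled.

// MIME types we accept, mapped to the extension the server will assign.
const ALLOWED_MIME = [
    'image/png'  => 'png',
    'image/jpeg' => 'jpg',
    'image/gif'  => 'gif',
];

// Returns the detected MIME type if the upload is acceptable, or null.
function detectAcceptableMime(array $file): ?string
{
    // Basic PHP upload sanity: no transport error, and the temp file really
    // came from this request (is_uploaded_file guards against path tricks).
    if (($file['error'] ?? UPLOAD_ERR_OK) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    // Reject any control character in the client name, NUL included. The
    // name is never used for storage anyway; this just refuses to play along.
    if (preg_match('/[\x00-\x1f]/', (string) $file['name'])) {
        return null;
    }
    // Decide the type from the bytes, not from the name or the client header.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    return isset(ALLOWED_MIME[$mime]) ? $mime : null;
}

// Moves an acceptable upload to a random, server-chosen filename.
// Returns the stored path, or null if the upload was rejected.
function storeUpload(array $file, string $uploadDir): ?string
{
    $mime = detectAcceptableMime($file);
    if ($mime === null) {
        return null;
    }
    // Random name + whitelisted extension: nothing attacker-controlled here.
    $dest = rtrim($uploadDir, '/') . '/'
          . bin2hex(random_bytes(16)) . '.' . ALLOWED_MIME[$mime];

    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        return null;
    }
    // Not executable, and not world-writable.
    chmod($dest, 0644);
    return $dest;
}

if (isset($_FILES['upload'])) {
    $saved = storeUpload($_FILES['upload'], __DIR__ . '/uploads');
    echo $saved === null ? "Upload rejected\n" : "Stored\n";
}
```

The two choices doing the real work are the content-based type check and the generated filename: once the stored name is something the server made up, an extension or null byte in the submitted name has nothing left to influence. Keeping the upload directory non-executable is the backstop in case a polyglot file slips past the MIME check.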
Thanks for listening! Check us out on iTunes if you want an audio-only version on your phone. Subscribe Here
Join the conversation over on Twitter at #HackerKast
Notable stories this week that didn’t make the cut: