lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 8 Apr 2009 00:21:53 -0700
From: Matthew Dempsky <matthew@...psky.org>
To: bugtraq@...urityfocus.com
Subject: Re: Adgregate ShopAd widget validation is vulnerable to replay attack

On Tue, Apr 7, 2009 at 6:56 PM, Matthew Dempsky <matthew@...psky.org> wrote:
> As an update, since I submitted my first message, Adgregate changed
> their validation mechanism.  The current method is still
> intermittently vulnerable to replay attacks, but now there's actually
> an expiration mechanism to deal with.

I've updated http://shinobi.dempsky.org/~matthew/adgregate.html to
handle the new validation mechanism.

It's basically the same as before, except every 5 minutes (aligned
with the hour) the (single, global) validation string changes.  You
can easily retrieve the current one using curl:

$ curl -e https://secure.adgregate.com/vid_m_widget.swf \
>     https://secure.adgregate.com/validatewidget.aspx?wid=1
&validation=3F228F6F-6B30-4BB4-A7D0-EF5D7F4ABD54

I'll continue updating the above URL as they (hopefully) further
revise the scheme, but I'm going to refrain from spamming BugTraq
about it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ