-
Recent Posts
- Extending Burp Suite to solve reCAPTCHA
- Decrypting suhosin sessions and cookies.
- Clickjacking and XSS for reading autocomplete credentials.
- JavaScript and Daylight Savings for tracking users.
- Google TOTP Two-factor Authentication for PHP
- Exploit: PHPCaptcha / Securimage is not secure.
- Javascript keylogger in JQuery.
- Clickjacking and Phishing with help from the HTML5 JavaScript Sandbox
Recent Comments
Archives
Categories
Monthly Archives: July 2010
Mongodb is vulnerable to SQL injection in PHP at least
Its a common misconception that as MongoDB does not use SQL it is not vulnerable to SQL injection attacks. PHP uses objects rather than SQL to pass queries to the MongoDB server; for example the following script selects an item … Continue reading