Archives
Guess Cookie, Hijack Session!
In addition to my previous article, Old Cookies Die Hard, and the detailed disclosure of the LinkedIn vulnerability, I studied the cookie patterns from different websites. Many of these websites use cookies that are long (> 100 characters) and complex (A-Z, a-z, 0-9 and symbols). In the ideal case (Web Session Management [...]
Mar 23rd, 2013 | Filed under Hacking | Tags: acces code, application, cookie, design flaw, disclosure, hack, login, owasp, pentest, research, security, session management, vulnerability, web, webserver
NullCon Delhi 2012
Though a little late, India is surely and steadily accelerating in pitching cyber security as a key agenda and promoting cyber awareness among the young generation. Mind it, we are at the epiphany of witnessing something remarkable under the leadership of people like Raghu Raman, Alok Vijayant and Janardhan Swamy. More importantly, we are indebted [...]
Critical Vulnerability in PayPal
One of our readers, Farhan, has discovered* that some websites that use a PayPal portal for payment are vulnerable and can be exploited using simple JavaScript. The JavaScript bypasses the payment page and redirects the user to the download page for products like software or eBooks. He has already informed PayPal about this issue and they [...]
Jul 2nd, 2011 | Filed under Security
LinkedIn Cookie Vuln.
Rishi Narang, a security researcher and consultant, has discovered multiple vulnerabilities in LinkedIn (www.linkedin.com) which can enable an attacker to modify an account “without password”. Read about this session management nightmare at www.wtfuzz.com or contact him on Twitter (@rnarang) for further details.
Tags: cookie, exploit, GST, hack, leo_auth_token, LIM, linkedin, narang, network, networking, POC, professional, research, rishi, rishi.narang, rishinarang, rnarang, security, session, ssl, twitter, vulnerability
PWN0 Scripts
PWN0 (http://pwn0.com), the hackers' playground, is a VPN where (almost) anything goes. You just need to sign up, connect to the VPN and start hacking. This is what the website says! I loved the domain name and decided to give it a shot. Here is what the home page looks like. Pretty intriguing! Isn’t it? [...]
Apr 25th, 2011 | Filed under Hacking