Blogs.Researches.Insights

Blog posts, research and insights by Pandora Security Labs.

Protect Yourself From DoS or DDoS Attacks

Have you ever been bullied by a group of kids, or been handed a pile of assignments all due on the same day? How does that feel? Overwhelming, right? Well, applications, systems and other devices feel the same way when they are hit by Denial-of-Service (DoS) attacks. So you're probably here because you…


4 Steps To Setup HTTPS For Ubuntu HTTPD

Introduction HTTPS (SSL/TLS) revolves around two things: encryption and identity assurance. HTTPS is found in applications that deal with e-commerce, online banking, any online transaction involving money, and sensitive data, because this little thing encrypts and protects your valuable data while it is travelling through the cloud and into…


What You Should Know About Shellshock

What is Shellshock? If you read a lot about history and medical conditions, you are probably thinking of the post-traumatic condition that soldiers suffered from during the First World War. We will not be talking about that "shellshock" here. The Shellshock we are going to talk about is the…


Defend Against Directory Traversal Attacks

Introduction Where do you keep your valuables, important documents or credit cards? Is it really safe? Do you have the keys? Who else has the keys? Are you sure they are protected from every kind of threat? With all the creative ideas of attackers, syndicates and other bad guys nowadays, it is really difficult to be…


WebRanger – Alternative to Incapsula WAF

Introduction There are lots of web application firewall (WAF) solutions nowadays, and several kinds: appliance-based, cloud-based, server-based and application-based. But how do you know which kind fits your bill? Previously, WebRanger was compared with CloudFlare as an alternative. This time let's compare WebRanger and Incapsula.…


WebRanger – An Alternative to ModSecurity

Introduction SAFE. It can be a metal box with a combination lock where you keep highly confidential documents or expensive valuables for safekeeping, or an underground shelter that you believe can protect anyone from any kind of storm or calamity. But is there really a place, a storage, or anything at all that is safe? When it comes to the Internet…


5 Common Ways How Hackers Hack Your Website

Introduction Ever wondered how on earth hackers hack your website? Is it easy, or is it difficult? Why does Justin Long's hacker character in Die Hard 4 find it so easy? Can we stop it? Why does that junkie guy in Mr. Robot get through with just a small piece of information? Is there…


3 Things You May Not Know About SQL Injection

INTRODUCTION In the recent Ant-Man movie, I want to focus on one thing: Luis, Scott's extremely chatty friend. In their quest to stop Darren Cross and his evil plans, Luis disguised himself as a security guard to help Scott infiltrate the Pym Technologies building where Cross's powerful Yellowjacket resides.…


Joomla Critical RCE Vulnerability 2015

In December 2015 a critical Joomla RCE vulnerability came under active attack. It lets attackers perform PHP object injection, leading to full remote command execution [1]. Joomla versions 1.5 through 3.4.5 are affected and therefore susceptible to this attack. A modified payload of the attack from an IP…


Addressing WordPress Comment Spam

Introduction If you own a WordPress website there is a high chance you have already run into this many times: comments unrelated to your content, usually advertisements or, most of the time, incoherent phrases or paragraphs, posted in an attempt to generate or boost traffic to the spammer's own website. According to Wikipedia,…


Why We Built WebRanger

How It All Began Websites and web applications are among the most exposed digital assets of any organization. Why? Because they are open to the public, 24×7. As more and more activity moves online through websites and web applications, the urgency of securing them is real. Websites are primarily visited…


How To Detect Magento Shoplift Bug

Introduction Magento[1] is an e-commerce platform that provides online merchants with a shopping cart system. Last February, Magento.com issued a patch[2] for the "Magento shoplift bug", a remote code execution (RCE) vulnerability that allows an attacker to obtain admin access to the store. Detection Pandora WebRanger…


Protect Your Websites from Bot Scrapers

INTRODUCTION Nowadays all kinds of bots lurk on the web, and as a developer or website owner you must be able to tell which ones are threats and which are not. First things first: what are bots, and what can they do to your website? Bots are software programs that imitate human behaviour for different…


Stopping WordPress Brute Force Attack

Introduction Last September 2015, Sucuri identified a new exploit, the WordPress brute force amplification attack, targeting WordPress sites [1]. It attempts tens to thousands of username and password guesses in a single HTTP request through a feature of the XML-RPC (XML Remote Procedure Call) interface. To further understand how this…

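As an added illustration of the amplification mechanism the teaser describes (this is example code written for this page, not code from the original post or from WebRanger): a small Python filter that parses an XML-RPC request body and counts how many credential-bearing calls one system.multicall carries, so a request with more than one login attempt can be flagged. The set of methods treated as "login-bearing", the threshold of one guess per request, and the two sample bodies are assumptions made for the example; the sample bodies are constructed, not captured traffic.

```python
import xml.etree.ElementTree as ET

# WordPress XML-RPC methods whose first two parameters are a username and a
# password; every nested call to one of these inside a system.multicall is a
# separate credential guess. Illustrative subset chosen for this example; the
# real list of authenticated methods is longer.
AUTH_METHODS = {
    "wp.getUsersBlogs", "wp.getPosts", "wp.getProfile",
    "metaWeblog.getUsersBlogs", "blogger.getUsersBlogs",
}


def _value_text(value_el):
    """Text of an XML-RPC <value>, whether or not it wraps a <string>."""
    if value_el is None:
        return ""
    child = value_el.find("string")
    text = child.text if child is not None else value_el.text
    return (text or "").strip()


def _member_value(struct_el, name):
    """The <value> of the <struct> member called `name`, or None."""
    for member in struct_el.findall("member"):
        if (member.findtext("name") or "").strip() == name:
            return member.find("value")
    return None


def count_credential_guesses(body):
    """Number of credential-bearing calls in one XML-RPC request body.

    Returns 0 for anything that is not a well-formed <methodCall>. Note that
    xml.etree does not limit entity expansion; a real filter should cap the
    body size first or parse with defusedxml.
    """
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return 0
    if root.tag != "methodCall":
        return 0
    method = (root.findtext("methodName") or "").strip()
    if method in AUTH_METHODS:
        return 1                      # one ordinary login attempt
    if method != "system.multicall":
        return 0
    guesses = 0
    # Each nested call is a <struct> with "methodName" and "params" members.
    for struct_el in root.iterfind("params/param/value/array/data/value/struct"):
        inner = _value_text(_member_value(struct_el, "methodName"))
        if inner in AUTH_METHODS:
            guesses += 1
    return guesses


def is_amplified_login(body, max_guesses=1):
    """True when a single request carries more than `max_guesses` logins."""
    return count_credential_guesses(body) > max_guesses


def _guess_struct(user, password):
    # Builds one nested call for the constructed sample below.
    # No XML escaping: values are fixed sample strings only.
    return (
        "<value><struct>"
        "<member><name>methodName</name>"
        "<value><string>wp.getUsersBlogs</string></value></member>"
        "<member><name>params</name><value><array><data>"
        f"<value><string>{user}</string></value>"
        f"<value><string>{password}</string></value>"
        "</data></array></value></member>"
        "</struct></value>"
    )


# Constructed sample: one multicall carrying three guesses against "admin".
# Real amplification bodies carry hundreds to thousands of these structs.
SAMPLE_MULTICALL = (
    '<?xml version="1.0"?><methodCall><methodName>system.multicall</methodName>'
    "<params><param><value><array><data>"
    + "".join(_guess_struct("admin", pw) for pw in ("admin", "password", "admin123"))
    + "</data></array></value></param></params></methodCall>"
)

# Constructed sample: a normal single login, which must not be flagged.
SAMPLE_SINGLE = (
    '<?xml version="1.0"?><methodCall><methodName>wp.getUsersBlogs</methodName>'
    "<params><param><value><string>admin</string></value></param>"
    "<param><value><string>admin</string></value></param></params></methodCall>"
)

if __name__ == "__main__":
    for name, body in (("multicall", SAMPLE_MULTICALL), ("single", SAMPLE_SINGLE)):
        print(name, count_credential_guesses(body), is_amplified_login(body))
```

Counting nested calls rather than blocking system.multicall outright keeps legitimate multicall clients working while still catching the amplified guessing; a stricter deployment can lower the threshold to zero, which is equivalent to disabling XML-RPC logins entirely.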

Magento Magmi Plugin – Local File Inclusion

Introduction This year there have been two Local File Inclusion[1] (LFI) vulnerabilities reported in the Magento Magmi plugin. The first was published on exploit-db.com by SECUPENT[2] and was in web/ajax_pluginconfig.php. Last October, the security vendor Trustwave also published[3] a zero-day vulnerability. It was previously discovered that the Magmi version…


Joomla Session Hijacking (CVE-2015-7857)

Introduction A new vulnerability in the Joomla platform was discovered by researcher Asaf Orpani of Trustwave SpiderLabs[1]. Joomla is one of the most widely used content management systems on the web, second only to WordPress[2]. The vulnerability is a SQLi that targets a core module of Joomla,…


WordPress XSS Vulnerability – Floating Social Bar

CVE: CVE-2015-5528
Affected component: WP Floating Social Bar plugin v1.1.5 and below
Tested on: WordPress 4.1.1

Introduction The previous WordPress post discussed the risk of using plugins. Aside from the e-Commerce Shop Styling vulnerability discussed there, more WordPress plugin vulnerabilities have been reported this year. In fact, there are more…


Joomla Plugin Vulnerability (HD FLV Player) Exploit

Introduction Previously, an exploit was demonstrated against Magento using the known SQLi vulnerability (CVE-2015-1397). That exploit was aimed at Magento's core files; today's is aimed at plugins or extensions of a different content management system. This Joomla plugin vulnerability is also known as Using Components with…


WordPress E-Commerce Shop Styling Vulnerability

CVE: CVE-2015-5468
Affected component: e-Commerce Shop Styling plugin v2.4 and below
Tested on: WordPress 4.1.1

Introduction Plugins or extensions are separate software components that add functions and power to an existing application. They are what turn a WordPress website into more than a blogging site, where it is…


WordPress 4.2 Stored XSS Vulnerability

CVE: CVE-2015-3440
Affected component: WordPress 4.2, 4.1.2, 4.1.1, 3.9.3
Tested on: WordPress 4.2

Introduction WordPress is another Content Management System (CMS) used on millions of sites around the globe. It provides a free and easy way to create and host websites, with users choosing from a number of themes, both free and…


Magento SQLi Vulnerability (1.9.1.0 CE)

Introduction It is common nowadays to see businesses leveraging content management systems (CMS) to their advantage. Over time these CMSs have grown from simple platforms serving blogs and forums into full e-commerce platforms. While these ready-made websites offer several advantages, they are not…


Drupal Critical Vulnerability (Drupal PSA-2014-003)

Before the year ends, another major security incident has arisen. From Drupal's Public Service Announcement (PSA) page: "Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 – Drupal core – SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement."

