Shibboleth Example Login Page: POST Location Hijacking Vulnerability

Written by admin in Code, Vulnerabilities on Thu 09 December 2010. Tags: implementation fail, phishing, post hijacking, shibboleth, xss,

EDIT: This flaw, according to the lead Shibboleth developer, was discovered and patched in late 2008. It seems that a number of universities are still running outdated copies of the software, which is what I found in my research. If you are running the latest version of Shibboleth (2.2 ...

Continue reading »

RevDNS 0.30 Release

Written by admin in Uncategorized on Sun 22 August 2010.

Hey all,

Today I posted RevDNS v0.30, an update to the multi-threaded Python script based on dnspython that I wrote for quickly doing reverse DNS scans of IP blocks. Version 0.30 adds some new features, and fixes a few bugs.

New Features

  • Improved threading system, based on the ...

Continue reading »

Copyright Ben Schmidt 2015