
Archive for the 'Reminders' Category

1st Philippine PHP Developer’s Conference

Posted on: Oct 10th 2007 | Posted by: Rolan

PHP Everywhere

“Welcome to the 1st ever Philippine PHP Developer’s Conference that will be held this upcoming December 1, 2007 where sharing opensource solutions in the enterprise and schools is the main theme. This is in follow up with last April’s grand meetup which caught the attention of Philippines IT Industry and we’re looking forward to expanding its presence thru this event.”
Still accepting event sponsors. For more info, please visit:

PHPUGPH Logo

Filed in: Reminders, WebDev | | 2 Comments |

Input Elements: disabled vs. readOnly

Posted on: Oct 9th 2007 | Posted by: Rolan

Disabled and readOnly input elements both prevent their data from being changed (at least by the user).
But a disabled input element’s data is not sent with other data when the form is submitted. Could’ve saved me that extra 30-minute debugging time.

Filed in: Daily, Reminders, WebDev | | Add Comment |

SKYPE Phishing Attempt

Posted on: Sep 12th 2007 | Posted by: Rolan

Received an email claiming that it’s from Skype and it wants me to update my Skype profile. It was already suspicious because I don’t think Skype (and perhaps other service providers) would suspend users for not updating their account. It gave me a link to http://cavyg.com/ze4/include/cs/www.skype.com/login454544465646464/index.htm which was “dressed” as https://secure.skype.com/login_update_done=1115487. And that was the giveaway clue.

Phishing Email

Curious about what’s behind the link, I clicked it. After the page had loaded, Firefox informed me that it’s a possible phishing attempt.

Phishing page

Hmmm… I wonder where they got my email address and if they knew I’m a Skype user or just randomly sent out the email. I already warned my friends about it.

Filed in: Daily, Reminders | | 1 Comment |
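The giveaway in the Skype phishing e-mail above (link text showing one host while the href points at another, with the brand's hostname tucked into the path) can be checked mechanically. The following is an added example, not code from the original post; the e-mail markup and the second, benign link are constructed for the demo, and only the two Skype-themed URLs are taken from the post.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed e-mail body: only the two Skype-themed URLs come from the post;
# the markup and the second (benign) link are assumptions for the demo.
SAMPLE_HTML = """<p>Please update your Skype profile:</p>
<a href="http://cavyg.com/ze4/include/cs/www.skype.com/login454544465646464/index.htm">
https://secure.skype.com/login_update_done=1115487</a>
<p>Help: <a href="https://www.skype.com/help">https://www.skype.com/help</a></p>"""

HOSTNAME = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)

class AnchorCollector(HTMLParser):
    """Collects (href, visible text) for each <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit_links(html):
    """Return [(href, [reasons])] for links whose display hides the real target."""
    collector = AnchorCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for href, text in collector.links:
        target, shown = urlsplit(href), urlsplit(text if "://" in text else "")
        reasons = []
        if shown.hostname and shown.hostname != target.hostname:
            reasons.append(f"text shows {shown.hostname}, link goes to {target.hostname}")
        if shown.scheme == "https" and target.scheme != "https":
            reasons.append("text promises https, link is " + target.scheme)
        # A hostname used as a directory name makes the URL look like the brand's.
        for segment in target.path.split("/")[:-1]:
            if HOSTNAME.fullmatch(segment):
                reasons.append(f"hostname-like path segment: {segment}")
        if reasons:
            findings.append((href, reasons))
    return findings
```

Calling `audit_links(SAMPLE_HTML)` flags only the first link; the help link, whose text and href agree, passes.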

XSS

Posted on: Jun 8th 2007 | Posted by: Rolan

Ok. Playtime’s over. Some people need to fix something.

I’ve been playing with an XSS vulnerability in a social-networking site I’m using. The site had already had XSS holes in the past that got patched. But then the addition of new features always opened up new problems.

One boring weekend, I got really curious with what I can do with XSS. Usually, whenever I see a site that is prone to script injection, I pop-up an alert box (a warning to fix the hole) and redirect them to somewhere else (usually Google). This time, I tried something neat. I’ve already read articles about stealing cookies via XSS but didn’t get to see how the stolen cookies were put into use. So I thought of doing an actual experiment if those things really work.

Long story short: it worked. I was able to log into other user accounts without knowing their password. I asked some people for help to test this and gave them a demo. Really, I’m tempted to peek at other people’s accounts. But I don’t want guilt to keep me awake all night after a hard day’s job.

I already informed the folks at that site about the XSS hole. Maybe I’ll post how I did it after the vulnerability gets fixed. It was quite simple like the articles I’ve read before.

Filed in: Daily, Javascript/Ajax, Reminders | | 1 Comment |

EXTRACT() not working on phpMyAdmin

Posted on: Mar 3rd 2007 | Posted by: Rolan

I was looking at the MySQL manual for Date and Time functions and stumbled upon a function that I might need for an “experiment” I’m doing. I used the function EXTRACT in my query, having my test run on phpMyAdmin, but it was giving me a syntax error warning. I thought that I might have the wrong syntax for EXTRACT so I tried running a sample query, right straight from the manual.

MySQL:
    SELECT EXTRACT(YEAR FROM '1999-07-02');

But it still gave me the same error warning. It should be working since, after all, it was in the manual… otherwise it would be corrected or removed. I ran the same query, but this time on the mysql command line. It worked. I executed the query in PHP, it also worked. Well, I think phpMyAdmin is having some problems with this. I’m using phpMyAdmin - 2.8.1, on MySQL 5.0.21 that comes with XAMPP. Maybe I’ll try to ask somebody to test it in other versions.

Filed in: Daily, Reminders, WebDev | | 1 Comment |

Trim whitespaces

Posted on: Sep 8th 2006 | Posted by: Rolan

I was so conscious of properly sanitizing user input with htmlspecialchars() and addslashes() that sometimes I forget to trim() them for whitespaces. A small application I’m currently doing with CakePHP had this kind of bug related to unwanted whitespaces. It took me some time to spot it.

Filed in: PHP, Reminders | | Add Comment |

IE doesn’t like trailing commas

Posted on: Jul 18th 2006 | Posted by: Rolan

I had this seemingly undetectable bug on one application I made using JavaScript. It was running fine on Firefox, no errors or warnings. But when my client checked it out the page wasn’t working. I wasn’t able to test it on IE right away since I only have Firefox installed on my office PC (which is running on Linux with no Wine installed). After arriving home, I looked at the page using IE and yes, the app wasn’t working. It took me the whole night to figure out what was going wrong. I forgot what error message IE was giving me. The only thing I remember is that it doesn’t say much about the problem. I read the code one more time, checking for any uninitialized variable or something that I might have overlooked. I was doubtful that it was suffering from cross-browser problems, since I relied mainly on Prototype’s nice collection of thingies that were already tested for cross-browser compatibility.

I loaded my javascript file on my editor (ConTEXT) and began reading the code again. Half-way through the code, I saw a trailing comma inside an object definition. It kinda looked like this:

JavaScript:
    // Constructor stub so the snippet runs on its own
    function someClass() {}

    someClass.prototype =
    {
        someFunction: function()
        {
            // do something
        },
        anotherFunction: function()
        {
            // do another thing
        }, // <-- the trailing comma: Firefox accepts it, IE does not
    }

I almost didn’t notice it. If it wasn’t for the big font I’ve set on my editor, I’d be rewriting a large chunk of my app. Hmmm… looks like Firefox is kind to orphan commas.

Filed in: Javascript/Ajax, Reminders | | Add Comment |