]> http://www.ajaypal.com/taxonomy/term/16/0 en http://www.ajaypal.com/online_ticket_booking_is_fun.html <p>The fun of online ticket booking. No going to agents and listening to their non-sense, no asking questions, just sit in front of your dear computer fire the browser, select Destination, make payment using the Credit Card and lo and behold you have the tickets.</p> <p>Well not that simple, specially when you are using a computer based on <A href='http://www.gnu.org'>free software</a> (free as in freedom). I use GNU/ Linux, Mozilla Firefox, I dont trust Windows for online transactions [<a href='online_ticket_booking_is_fun.html#WHATIF'>*</a>].</p> Bug Reports Exposed Fri, 15 Sep 2006 12:52:43 -0500 http://www.ajaypal.com/ptu_xss.html <p>These days <a href='http://lists.grok.org.uk/full-disclosure-charter.html'>Full Disclosure mailing list</a> is being dominated by <a href='http://en.wikipedia.org/wiki/XSS'>XSS vulnerabilities</a>. It is time I should put up my contribution too, for an XSS vulnerability I have known for around 7-8 months.<br /> The site in question ptu.ac.in is of Punjab Technical University, Jalandhar. The URL http://ptujal.org used to refers to the same site.</p> Bug Reports Exposed Security Mon, 29 May 2006 00:01:51 -0500 http://www.ajaypal.com/yahoogroups_spam.html <p>SPAM, I sort of dislike it and prefer my mail box to be free of SPAM. Spam filters like <a href="http://spamassassin.apache.org/">spamassin </a> are very much effective against it. But for around past three-four months I have been receiving a new form of SPAM, in the form of <a href="http://groups.yahoo.com">yahoo groups</a> invitations. All sort of marriage alliance invitations, hey I am happily married, please stay away. If I block one another one pops out, even I am helpless.</p> Exposed Security Sat, 18 Mar 2006 08:32:38 -0600 http://www.ajaypal.com/script_kidding_for_the_blind.html <p>This is the error log of httpd (apache) on one of the server machines that is about to be replaced very soon, interesting thing is to see how the <a href="http://www.ajaypal.com/crack_attemptes_unsuccessful.html">script kiddy</a> goes about locating vulnerable web applications:</p> Exposed GNU/ Linux Security Tue, 07 Mar 2006 02:39:39 -0600 http://www.ajaypal.com/php_crack_attempt.html <p>Now this is something annoying (not interesting) some script kiddy, who may have either compromised <a href="http://whois.sc/207.157.58.25">207.157.58.25</a> or maybe is some silly script kiddie student of <a href="http://207.157.58.25/">http://www.wallace.edu</a> attempted a PHP injection attack on this server. </p> <p>The kid came from <a href="http://whois.sc/207.157.58.25">207.157.58.25</a> and the kiddo has the scripts stored <a href="http://66.235.216.137/~balanced/.../">here</a>. The store house of kiddo seems to be some server of <a href="http://www.ipowerweb.com/">ipower web inc</a> a web hosting company. He has a load of cracking tools stored on the server. I will try to report this to ipower people. Hope they will listen.</p> <p>One more thing, this <a href="http://proxyking.servehttp.com:8080/pk/service?service=Echo">service</a> is an almost a regular, you will see this in your logs just before the attack is about to begin. Almost all kiddos use this before they start their dirty work.</p> Exposed Security Sun, 06 Nov 2005 14:32:14 -0600