About the author
Christian Stottmeister is a technical projectmanager responsible for large website setups with a personal interest in security, web technology and projectmanagement issues. Contact information and more details about Stotti can be found here.
@cstottmeister on Twitter
- RT @gloom303: Fairlight's rendering secrets - a must-see: http://bit.ly/aRZLoL #demoscene #gameprogramming #realtime #graphics Twitter 2010/09/01
- http://u.nu/69u2f @wayfu Cool title. Have you gotten a lasting impression by @Soundcloud's interpretation of the failwhale? ;) Twitter 2010/09/01
- @MattesGroeger Welcome to #Berlin then. :) Gotta take a drink with you when you settled down. Keep me noticed when you're ready. ;) Twitter 2010/08/31
- Happy Birthday, @fl3a! :) Twitter 2010/08/30
- http://bit.ly/oraclekillsopensolaris @wiik Just read your blogpost four days late... it's a shame! #oraclekillsopensolaris Twitter 2010/08/18
-
RSS Links
Most popular posts of last month
License
This work by Christian Stottmeister is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Germany.
Category Archives: security & privacy
The origins of Cross Site Scripting
Anecdotes on the term "Cross Site Scripting" (a.k.a. XSS/CSS) and a few links to prevent Cross Site Scripting attacks.
Also posted in world wide webtech Tagged security, web application security, webmaster, xss Leave a comment
Google will inform webmasters about their vulnerable software
As announced earlier Google will soon start to inform webmasters if they’re running out-of-date or vulnerable software. All webmasters registered with the Google Webmaster Tools will soon get notifications in case of using outdated software. Google is trying to achieve this by parsing the HTML code of the website, especially the generator meta tag. Quoting [...]
Also posted in my beloved code, world wide webtech Leave a comment
New Wordpress password hasher tool
This time just a quick post as I am in a hurry. Ever wondered how to change your Wordpress password in case you have forgotten it? In early versions Wordpress used the MD5 hashing algorithm to “encrypt” the passwords of a user. Nowadays Wordpress uses the Portable PHP password hashing framework (PHPASS) instead of MD5 [...]
Also posted in hands off! this is my stuff Tagged cipher, hashsum, md5, password, wordpress 15 Comments
How to crack MD5 passwords with John the Ripper – a live example exploiting TYPO3
Earlier I told you how to crack MD5 passwords in general. This article tells how to get the passwords out of a TYPO3 installation, which are MD5-hashed, and crack them using John the Ripper.
Preparations step 1: lurk the data!
Okay, assuming that you’re an TYPO3 administrator that wants to check the password strength of your backend [...]
Boards.ie Forums have been hacked – don’t panic!