Sorry I haven’t had a chance to post lately. I got some great posts coming up, I just haven’t had a chance to sit down with ‘em yet. I was going to write today but alas…I didn’t
So to hold you over here’s a quick five minute black hat tip
Finding Link Injection Possibilities With Versions & Changes Logs
Search for popular file names that include version update information and changes logs that are typically found in downloadable website scripts.
Two good places to find them would be:
Check the changes and version logs and look for vulnerability fixes that happened recently. These typically mean theres a possibility for a link injection or spamming possibilities.
Try to download the versions of the script before the bug was fixed.
Look for the vulernability and figure out a way to exploit it.
Search for sites using the same script and attempt to link inject on all of them.
New posts coming out soon