Bugtraq mailing list archives
Re: Adgregate ShopAd widget validation is vulnerable to replay attack
From: Matthew Dempsky <matthew () dempsky org>
Date: Wed, 8 Apr 2009 00:21:53 -0700
On Tue, Apr 7, 2009 at 6:56 PM, Matthew Dempsky <matthew () dempsky org> wrote:
As an update, since I submitted my first message, Adgregate changed their validation mechanism. The current method is still intermittently vulnerable to replay attacks, but now there's actually an expiration mechanism to deal with.
I've updated http://shinobi.dempsky.org/~matthew/adgregate.html to handle the new validation mechanism. It's basically the same as before, except every 5 minutes (aligned with the hour) the (single, global) validation string changes. You can easily retrieve the current one using curl:

    $ curl -e https://secure.adgregate.com/vid_m_widget.swf \
        https://secure.adgregate.com/validatewidget.aspx?wid=1
    &validation=3F228F6F-6B30-4BB4-A7D0-EF5D7F4ABD54

I'll continue updating the above URL as they (hopefully) further revise the scheme, but I'm going to refrain from spamming BugTraq about it.
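The following is an added example, not part of the original post and not Adgregate's code. It models why a single global string that rotates every 5 minutes stays replayable inside each window, next to a validator whose tokens are bound to one widget id, a fresh nonce and a short expiry. The key, the function and class names, the token layout and the 30-second lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-demo-key"  # constructed sample secret (assumption)
WINDOW = 300  # seconds: the 5-minute rotation described in the post


def _mac(msg: str) -> str:
    return hmac.new(KEY, msg.encode(), hashlib.sha256).hexdigest()


def global_token(now: int) -> str:
    """Model of the described scheme: one string per window, shared by all."""
    return _mac(str(now // WINDOW))


def weak_validate(token: str, now: int) -> bool:
    # Nothing ties the value to a widget or request, so any copy of the
    # current string is accepted until the window rotates.
    return hmac.compare_digest(token.encode(), global_token(now).encode())


class SingleUseValidator:
    """Hardened sketch: token bound to widget id, fresh nonce, short expiry."""

    def __init__(self, ttl: int = 30):
        self.ttl = ttl
        self.used = set()  # nonces already accepted

    def issue(self, widget_id: str, now: int) -> str:
        body = f"{widget_id}|{secrets.token_hex(16)}|{now + self.ttl}"
        return f"{body}|{_mac(body)}"

    def validate(self, token: str, widget_id: str, now: int) -> bool:
        try:
            wid, nonce, expiry, mac = token.split("|")
            expires_at = int(expiry)
        except ValueError:
            return False
        expected = _mac(f"{wid}|{nonce}|{expiry}")
        if not hmac.compare_digest(mac.encode(), expected.encode()):
            return False
        if wid != widget_id or now > expires_at or nonce in self.used:
            return False
        self.used.add(nonce)  # a second presentation of this token fails
        return True
```

A long-running service would also prune `used` once the corresponding tokens have expired.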