Abiusx - abiusx.com
Latest News:
Mass Removing Facebook Friends 22 Mar 2013 | 01:44 am
I have Googled around on how to mass remove Facebook friends from time to time. Unfortunately Facebook does not allow that, because it's bad for business; but many people are looking for a hack around....
Meta-Reflection variable name detection problem for Pull Widgets in PHP 19 Mar 2013 | 04:36 pm
First of all, Happy Nowruz! Tomorrow is officially the new Jalali year’s start. Best of wishes to everyone. The Problem I’ve been working on an elegant design for a new PHP Widget library for some t...
APA CTF 2013 Write-up 15 Dec 2012 | 05:17 am
This post is about Sharif CERT (APA) center’s recent CTF (10 Dec 2012), which is one of a kind in Iran. Most CTFs are a few days long since there are time-zone differences, but since this one is in Ir...
Migrating mail from one host to the other 31 Oct 2012 | 04:47 pm
I was in the process of migrating a host from Helm 4 to DirectAdmin, and it seems that Helm is pretty crappy and does not store mail in user’s storage, but instead in its own mail manager, but what el...
PHP Serialization Pollution Attack 2 Oct 2012 | 11:56 pm
PHP Serialization has a fatal flaw which allows for pollution of the scope and global context of an application, as well as running arbitrary code in some scenarios if sources of taint are allowed in....
Stripe CTF 2 – Web Challenges 26 Aug 2012 | 07:55 am
I participated in the Stripe CTF Web Attacks and thus far it was the most well designed CTF I have ever encountered (and I have participated in a couple dozen). This is the second Stripe CTF, the firs...
Software Bloats: epic failure and how to prevent it 13 Aug 2012 | 09:44 pm
Bloating is one of the most fatal horrors that can happen to a piece of software. It is when you have a nice working software that everyone loves, and then you start adding odd crazy features into the...
HTTP Host Alteration Attack 16 Jul 2012 | 06:54 am
While I was thinking about certain ways of summarizing CSRF prevention for OWASP PHP Security Cheat Sheet - mixing taint tracking with different request criteria – I found a certain type of attack aga...
PyQtX, binary PyQt distributions for Mac OS X 9 Jul 2012 | 01:33 am
Qt is a rather magnificent and silent framework. Every application I tend to find amusing and well developed, is based on Qt, but nobody really knows that. There’s not much boasting around it, as it i...
Secure Web Application Framework (in Persian) 8 Jul 2012 | 07:24 pm
I just finished my Bachelor’s thesis with the topic “Secure Web Application Framework”, unfortunately it’s in Persian, thus only Persian readers can enjoy it. It’s about 200 pages, which about half o...