images - Dave's Blog


Search

Ben Goldacre’s TED talk on publication bias, drug...

2012 Sep 28, 3:55


drug companies hiding the results of clinical trials.

(via I did a new talk at TED, on drug companies and hidden data.)

PermalinkCommentsscience video ted

New Deal With It

2012 Sep 17, 4:41

nickholmes:

Thanks Internet. 

PermalinkCommentshumor president new-deal

Stripe CTF - Input validation (Levels 1 & 2)

2012 Sep 6, 5:00

Stripe's web security CTF's Level 1 and level 2 of the Stripe CTF had issues with missing input validation solutions described below.

Level 1

Code

          $filename = 'secret-combination.txt';
extract($_GET);
if (isset($attempt)) {
$combination = trim(file_get_contents($filename));
if ($attempt === $combination) {

Issue

The issue here is the usage of the extract php method which extracts name value pairs from the map input parameter and creates corresponding local variables. However this code uses $_GET which contains a map of name value pairs passed in the query of the URI. The expected behavior is to get an attempt variable out, but since no input validation is done I can provide a filename variable and overwrite the value of $filename. Providing an empty string gives an empty string $combination which I can match with an empty string $attempt. So without knowing the combination I can get past the combination check.

Notes

Code review red flag in this case was the direct use of $_GET with no validation. Instead of using extract the developer could try to extract specifically the attempt variable manually without using extract.

Level 2

Code

    $dest_dir = "uploads/";
$dest = $dest_dir . basename($_FILES["dispic"]["name"]);
$src = $_FILES["dispic"]["tmp_name"];
if (move_uploaded_file($src, $dest)) {
$_SESSION["dispic_url"] = $dest;
chmod($dest, 0644);
echo "

Successfully uploaded your display picture.

";
}

Issue

This code accepts POST uploads of images but with no validation to ensure it is not an arbitrary file. And even though it uses chmod to ensure the file is not executable, things like PHP don't require a file to be executable in order to run them. Accordingly, one can upload a PHP script, then navigate to that script to run it. My PHP script dumped out the contents of the file we're interested in for this level:


Notes

Code review red flags include manual file management, chmod, and use of file and filename inputs without any kind of validation. If this code controlled the filename and ensured that the extension was one of a set of image extensions, this would solve this issue. Due to browser mime sniffing its additionally a good idea to serve a content-type that starts with "image/" for these uploads to ensure browsers treat these as images and not sniff for script or HTML.

PermalinkCommentsinput-validation php security technical

Alex takes a few steps

2012 Aug 16, 4:06
From: David Risney
Views: 70
0 ratings
Time: 00:43 More in People & Blogs
PermalinkCommentsvideo

Alex walking via walker

2012 Aug 6, 4:44
From: David Risney
Views: 62
0 ratings
Time: 00:53 More in People & Blogs
PermalinkCommentsvideo

(via Pareidoloop) “Phil McCarthy’s Pareidoloop...

2012 Aug 6, 4:11


(via Pareidoloop)

“Phil McCarthy’s Pareidoloop overlays randomly generated polygons on top of one another until facial recognition software recognizes a human face. Can’t sleep, at SIGGRAPH! [via @Brandonn]”

PermalinkCommentstechnical images facial-recognition siggraph

arcaneimages: Wait for it…

2012 Jun 4, 12:48


arcaneimages:

Wait for it…

PermalinkCommentshumor crow murder bird

Code: Flickr Developer Blog » Parsing Exif client-side using JavaScript

2012 Jun 1, 2:51

Flickr parses the exif out of images using Web Workers, and Blob (File API)!

PermalinkCommentsjavascript blob exif image technical programming dom webworker web-browser

Play Fez

2012 May 7, 3:30

I'm done playing Fez. The style is atmospheric retro nastalgia and on the surface the gameplay is standard 2D platformer with one interesting Flatland style game mechanic but dig deeper to find Myst style puzzles. Despite the following I thoroughly enjoyed the game and would recommend it to anyone intrigued by the previous. Five eighths through the game I ran into one of the game's infamous Fez save game breaking issues, but I enjoyed the game enough that I started over before any patches were released and had no further issues.

While playing the game I created some tools to help keep track of my Fez notes (spoilers) including a Pixelated Image Creator that makes it easy to generate data URIs for large, black and white pixelated images, and (spoilers) a Fez Transliteration Tool to help me translate the in-game writing system.

PermalinkCommentsvideo-game fez game xbox

Image Error Level Analysis with HTML5

2012 Apr 16, 1:59

Javascript tool says if a photo is shopped. It can tell by looking at the pixels. Seriously. Links to cool presentation on the theory behind the algorithm behind the tool: http://www.wired.com/images_blogs/threatlevel/files/bh-usa-07-krawetz.pdf

PermalinkCommentstechnical javascript jpeg photoshop

(via Stereogranimator: transform historical stereographs from...

2012 Jan 30, 8:47


(via Stereogranimator: transform historical stereographs from NYPL archives into animated gifs and 3d images)

PermalinkCommentshistory photo 3d

(via Defend our freedom to share (or why SOPA is a bad idea):...

2012 Jan 18, 3:21


(via Defend our freedom to share (or why SOPA is a bad idea): Clay Shirky on TED.com)

PermalinkCommentsvideo copyright clay-shirky sopa pipa legal politics mpaa ted

Alex tries baby food

2012 Jan 3, 12:02
Alex tries baby food for the first time.
From: David Risney
Views: 49
0 ratings
Time: 00:39 More in People & Blogs
PermalinkCommentsvideo

Features of image type input tags in HTML

2011 Nov 21, 11:00

A bug came up the other day involving markup containing <input type="image" src="http://example.com/.... I knew that "image" was a valid input type but it wasn't until that moment that I realized I didn't know what it did. Looking it up I found that it displays the specified image and when the user clicks on the image, the form is submitted with an additional two name value pairs: the x and y positions of the point at which the user clicked the image.

Take for example the following HTML:

<form action="http://example.com/">
<input type="image" name="foo" src="http://deletethis.net/dave/images/davebefore.jpg">
</form>
If the user clicks on the image, the browser will submit the form with a URI like the following:http://example.com/?foo.x=145&foo.y=124.

This seemed like an incredibly specific feature to be built directly into the language when this could instead be done with javascript. I looked a bit further and saw that its been in HTML since at least HTML2, which of course makes much more sense. Javascript barely existed at that point and sending off the user's click location in a form may have been the only way to do something interesting with that action.

PermalinkCommentsuri technical form history html

Nintendo Game Maps

2011 Sep 28, 10:22They've got maps from your favorite NES games as giant images. I'm using SMB3 1-1 as my desktop background. I've got a four monitor setup now and so its tough to find desktop backgrounds but Mario levels easily cover my whole desktop.PermalinkCommentsgame videogame map nintendo nes

A history of map monsters. (IMAGES)

2011 Sep 20, 9:19PermalinkCommentsScience technical

Sleepy Alex

2011 Sep 10, 10:27
PermalinkCommentsvideo

Baby Room (Pre Baby)

2011 Aug 7, 2:22
PermalinkCommentsvideo

CSS Fonts Module Level 3

2011 May 10, 10:49Interesting standards disagreements showing up in specs: "Some implementers feel a same-origin restriction should be the default for all new resource types while others feel strongly that an opt-in strategy usuable for all resource types would be a better mechanism and that the default should always be to allow cross-origin linking for consistency with existing resource types (e.g. script, images). As such, this section should be considered at risk for removal if the consensus is to use an alternative mechanism."PermalinkCommentsreference web development font specification w3c css3

Flickr Is Now Offering Photo Licensing Through Getty Images

2010 Jun 19, 5:03"Flickr is now offering the option for photographers to license their photos through Getty Images."PermalinkCommentsflickr economics photo legal getty-images
Older Entries Creative Commons License Some rights reserved.