web

httptunnel is a GPL application for encapsulating network traffic within valid HTTP requests and responses.  This tunnel can be used to bypass firewalls, including many application proxies.  It is comprised of a server and client daemon written in C.

Installation couldn't be simpler.  It resides in the Debian package repository, so on Debian Sarge I was able to use apt to fetch and install the binaries and man pages:

~$ sudo apt-get install httptunnel

If you prefer to use the source, compilation uses the *nix "standard" ./configure; make; make install process:

Acidus from Most Significant Bit Labs  has released a tool called TinyDisk that stores files in WORM (Write Once Read Many) fashion on a web application.  While this is not significant in itself, what is different is that it can save the file in someone else's web app.

By exploring the limits of the site (in this case, TinyURL), Acidus was able to store AES encrypted Base-64 encoded files as URLs in TinyURL's database.  Files can be then retrieved by simply asking for the URLs, and reversing the encoding/encrypting process.  This is not unique to TinyURL, many sites could be "abused" the same way.

Acidus' presentation "Layer 7 Fun: Extending Web Applications in interesting ways" can be found here.

The lesson in this?  Always validate ALL input from untrusted sources.  Not validating input is #1 on the OWASP Top Ten Most Critical Web Application Security Vulnerabilities.