UAC without the Prompting
Search for "Vista UAC" and you'll find a number of sites, within the top ten results, which tell you how to disable UAC prompting in Vista. What if it were possible to get the advantages of UAC without the explicit (and in some cases, excessive) prompting? In at least some cases, it may be.
Abusing Web Applications
Acidus from Most Significant Bit Labs has released a tool called TinyDisk that stores files in WORM (Write Once Read Many) fashion on a web application. While this is not significant in itself, what is different is that it can save the file in someone else's web app.
By exploring the limits of the site (in this case, TinyURL), Acidus was able to store AES-encrypted, Base64-encoded files as URLs in TinyURL's database. Files can then be retrieved by simply asking for the URLs and reversing the encoding and encryption. This is not unique to TinyURL; many sites could be "abused" the same way.
Acidus' presentation "Layer 7 Fun: Extending Web Applications in interesting ways" can be found here.
The lesson in this? Always validate ALL input from untrusted sources. Not validating input is #1 on the OWASP Top Ten Most Critical Web Application Security Vulnerabilities.
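As an added example of the lesson above (this is not TinyDisk, TinyURL or the author's code), here is the kind of whitelist validation a URL-shortener's submission endpoint can apply before storing anything: only absolute http/https URLs with a syntactically valid hostname, a sane port, no embedded credentials, no control characters, and hard caps on total length and per-path-segment length. The length limits, the allowed schemes and the ASCII-only hostname rule are assumed policy choices, not values from the post; a real service would pick its own.

```python
"""Whitelist validation for a URL-shortener submission endpoint.

Added example, not code from TinyDisk or TinyURL. The limits and the
allowed-scheme set below are assumed policy values.
"""
import re
import unicodedata
from urllib.parse import urlsplit

MAX_URL_LENGTH = 2048        # assumed overall cap on a submitted URL
MAX_SEGMENT_LENGTH = 255     # assumed cap on any single path segment
ALLOWED_SCHEMES = {"http", "https"}

# Dotted hostname: ASCII labels of 1-63 chars, no leading or trailing '-'.
# IDNs are expected in punycode form; raw Unicode hostnames are rejected.
_LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
HOSTNAME_RE = re.compile(rf"^{_LABEL}(?:\.{_LABEL})+$")


def validate_shortener_input(raw: object) -> tuple[bool, str]:
    """Return (accepted, reason). Anything not a plain absolute web URL is rejected."""
    if not isinstance(raw, str):
        return False, "not a string"
    if len(raw) > MAX_URL_LENGTH:
        return False, "too long"
    # Control characters and whitespace never belong in a URL; reject, don't strip.
    if any(unicodedata.category(c).startswith("C") or c.isspace() for c in raw):
        return False, "control or whitespace character"
    try:
        parts = urlsplit(raw)
    except ValueError:
        return False, "unparseable"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    host = parts.hostname
    if not host or not HOSTNAME_RE.match(host):
        return False, "invalid hostname"
    try:
        parts.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError:
        return False, "invalid port"
    if parts.username or parts.password:
        return False, "credentials in URL"
    # A shortener has no business storing opaque blobs smuggled into the path.
    if any(len(segment) > MAX_SEGMENT_LENGTH for segment in parts.path.split("/")):
        return False, "path segment too long"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample submissions, one good and several that should be refused.
    samples = [
        "https://example.com/page?x=1",
        "javascript:alert(1)",
        "https://user:pw@example.com/",
        "https://example.com/" + "A" * 300,
    ]
    for s in samples:
        print(validate_shortener_input(s), s[:60])
```

The checks are ordered so that cheap, structural rejections (type, length, control characters) happen before the URL is parsed at all; a rejected value is reported with a reason for logging but is never normalised or stored.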
