http://www.cgisecurity.com/2007/06/15


UGH

So now we must pay royalties on each pentest we do? ^^ haha yeah right, could be fun.

Just what I need! More legal troubles. :(

- Kyran

Patent this Cenzic: http://www.cenzic.com/forms/hailstorm.php?id=3&camp=\%22%3Exx<script>alert(document.cookie);</script><"


*sigh* great company! ^^

@Ronald: Yep - the contact form is also full with XSS

<edit>and their search too:

http://www.picosearch.com/cgi-bin/ts.pl?index=229422&calln=5&lastq=&sortsel=%22%20onmouseover=%22alert('greetings!')%22%20b=%22&opt=ANY&doc0=20&query=xss
(mouseover the search pagination)
</edit>



Edited 2 time(s). Last edit at 06/19/2007 10:43AM by .mario.

Guys take a look at this
http://intellectualweapons.com/

-Mitmwatcher

Sounds a bit fishy to me. I think complete humiliation of the vendor that refused to work with me would be worth a lot more than the $20 I might end up getting from them. ;)

mitmwatcher Wrote:
-------------------------------------------------------
> Guys take a look at this
> http://intellectualweapons.com/
>
> -Mitmwatcher

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Great business model: Sell vulns for a 90/10 share ^^

if... there'll be a share

If we use this product and it doesn't pick on a particular "fault" vector are we entitled to sue for misrepresentation in that they (cenzic) by there own admission stated that they retain the right to all fault tests and therefore under patent law should be able to ensure without failure they know every single aspect of there patent.

Also, and perhaps most interesting in this patent is from what i read in zeno's article is that possibly every website that uses querystrings/forms in there applications could by default be seen to be encroaching on the patent. However this is not the case and therefore it would appear that the patent relies on the scanners purpose in relation to covering the patent.

Therefore I suggest rather then have a "scanning application tool" you simply re brand your "scanning application tool" into a "website mapping analysis tool" which simply sends millions of malformed requests to the server in order to correctly identify and analyzer the site layout.

btw:
@ronald - great work on the xss, i guess we can put Cenzic into our box of scanning companies that don't have clue and can't protect their own site...oh wait whats that.. its a honeypot 10 years in the making set up to trick ronald...

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Yeah it only has symbolic value, I mean c'mon ^^, if you are a webappsec company, the least thing you can do is to patch all holes in your own site, check it again, re-check it until you are sure.

I get hit with tons of scanners a day, Acuntix ones, libwww-perl bots etc. none was able to find 1 XSS hole in any of my sites. I'm actually a bit insulted that they even tried. And yes I log every request, I know when someone enters a single quote only in any of my sites, nothing escapes my attention, and so a lot are blocked as a result, mostly the automated ones. So I know people try and most of the time they try when I publish something like this, ah the joy of seeing the strugle. :)

Companies often patent things right before they try to get bought. It makes them have a stronger position, and makes their competitors a harder acquisition target. If any of you were around when Sanctum was about to get bought you will remember the idiocy of patenting going on there as well.

- RSnake
Gotta love it. http://ha.ckers.org

rsnake Wrote:
-------------------------------------------------------
> Companies often patent things right before they
> try to get bought. It makes them have a stronger
> position, and makes their competitors a harder
> acquisition target. If any of you were around
> when Sanctum was about to get bought you will
> remember the idiocy of patenting going on there as
> well.


Watchfire was just purchased by IBM a few weeks back, though they didn't try to patent the wheel.

Did they apply for a patent, or received one from a previous submittal? Patents are only good for 7 years anyway.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

@fyoung: Oh?

Sanctum acquired by Watchfire acquired by IBM

System for determining web application vulnerabilities
http://www.patentstorm.us/patents/6584569-fulltext.html

and for a breakdown:

Web Application Penetration Testing Methodology Patent
http://seclists.org/webappsec/2004/q1/0023.html



@Awesome AnDrEw:
"In Canada, a patent lasts 20 years from the date of application, for applications filed since 1 October 1989. In the United States, the term is also 20 years from the date of the first filed U.S. application; however, for applications filed since 29 May 2000, the term may be extended based on any delays in issuance of the patent caused by the U.S. Patent and Trademark Office."
http://www.parteqinnovations.com/randi-faq.html

dev80 Wrote:
-------------------------------------------------------
> @fyoung: Oh?
>
> Sanctum acquired by Watchfire acquired by IBM

I stand corrected.

I have another patent for them: http://www.cenzic.com/products_services/download_hailstorm.php?camp=%22%3E%3Ciframe%20src=http://ha.ckers.org/scriptlet.html%20%3C

Maybe you should patent them XSS sheet Robert. ^^

When I took Accounting in college I could have sworn we learned that patents were only valid for 7 years. Oh well. I do most of my work by "hand" anyway so screw them.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/