Null Byte Injection – How hackers can upload malicious scripts and bypass security.

In this post, I will explain how a hacker can bypass file upload restrictions to upload arbitrary files using null byte injection. To fully understand the null byte vulnerability, we must take a look at how the C language handles strings. This is important because at some point, PHP relies on C/C++ functions to handle … Read more

WordPress 4.2.3 is here !

WordPress, everyone’s favorite CMS, has a new version: 4.2.3 available today. This should be considered as a security release for all previous versions, and of course, we strongly recommend you to update your wordpress website immediately. Here at Boston Web Group, we’ve seen tons of WordPress sites get hacked.  It’s a sad thing to see, … Read more