Book
Vulnerabilities
qdPM 8.3 - view
Information Disclosure - CVE-2015-3881
Full Path Disclosure - CVE-2015-3882
Multiple Reflected & Persistent XSS - CVE-2015-3883
Arbitrary File upload - CVE-2015-3884
getSimpleCMS 3.3.4 - view
Sensitive Information Disclosure - CVE-2014-8722
Full Path Disclosure - CVE-2014-8723
Wonder CMS 2014 - view
Password Disclosure - CVE-2014-8701
Full Path Disclosure - CVE-2014-8702
Cross Site Scripting - CVE-2014-8703
Local File Include - CVE-2014-8704
Remote File Include - CVE-2014-8705
Pluck CMS 4.7.2 - view
Multiple Full Path Disclosure - CVE-2014-8706
Persistent XSS - CVE-2014-8707
PHP Code Execution - CVE-2014-8708
SimpleInvoices 2011.1 - view
Information Disclosure
Multiple XSS
SQL Injection
Cross Site Request Forgery
Android app insecure storage
App defender - Plaintext passwords - view
Installs: 500,000 - 1,000,000
Gallery lock - Plaintext passwords - view
Installs: 10,000,000 - 50,000,000
Handy diary - Unsalted MD5 - view
Installs: 5,000,000 - 10,000,000
Safe gallery free - Unsalted MD5 - view
Installs: 10,000,000 - 50,000,000
Secret notes - Plaintext passwords - view
Installs: 50,000 - 100,000
Smart app lock - Plaintext passwords - view
Installs: 10,000,000 - 50,000,000
Jobberbase 2.0 - view
Path Disclosure
Open Redirect
Multiple Reflected & Persistent XSS
Unrestricted File Upload
Race Condition
SQL Injection
Unquoted Service Path Priv Esc
Waves Audio Service - view
Fitbit Connect Service - view
Leap Motion Service - view
Wacom Tablet Service - view
Foxit Reader Update Service - view
Android App - Mirage Realms MMO
screenshot,
whitepaper
Insecure Storage
Unencrypted Communications
Lack of Binary Protection
Hardware
Challenge Coin 01
After attending Defcon 26 I got really hooked on the electronic badge challenge (I didn't get very far), and it was a great way of meeting and chatting to other people also excited about it and hacking in general. People there were trading trinkets and electronics; there was a sense of community and a gifting economy. I also received a DC801 challenge coin, and still think it's an awesome thing. So I decided to give it a go myself. It's just a little coin with a puzzle / challenge on it, but it has my URL and email on it so I can use it as a kind of business card type thing. Really it's just a fun trinket. If you have one: good luck solving it. The best way to get one is to meet me IRL.
The following people have solved it: Bits and Electrons - https://www.youtube.com/channel/UCmZeF_rcjrJRnfmXUDALbmw |
Development
Android App
Download: FridaLab.apk A target app for learning or practicing the reverse engineering program "Frida". |
Fitbit App
Link: Fitbit App A small metronome app for the Fitbit Versa. |
Website & Android App
Link: Website Link: Play Store A game to improve fitness, only move if required steps per day achieved. |
Android App
Link: Hero2.0 Create an Android app to enhance Fighting Fantasy books Technologies: Java, Photoshop, Android Studio |
Website
Link: Regis Holistic Create a website to help a local business promote themselves Technologies: HTML5, CSS3, PHP, MySQL, HTML5 Boilerplate, Photoshop, jQuery |
Website
Link: CSTutoringCenter A website to publish my solutions for the website cstutoringcenter.com Technologies: HTML5, CSS3, PHP, HTML5 Boilerplate, Photoshop |
Challenges
Link: Project Euler A website to publish my solutions for the website projecteuler.net Technologies: HTML5, CSS3, PHP, HTML5 Boilerplate |
Website
Link: Arions Photography Website for a local photographer Technologies: HTML5, CSS3, PHP, MySQL, jQuery, Photoshop |
Redesign
Link: SecurityCast Re-design a website for a security radio station Technologies: HTML5, CSS3, skeleton |
Website
Link: Untold Kismet Website for a Minecraft community Technologies: HTML5, CSS3, PHP, MySQL, JavaScript (jQuery), image manipulation, JSON |
Template
Demo: RossTemplate06 A free website template, just for kicks Technologies: HTML5, CSS3, Notepad, Photoshop, Boilerplate, Skeleton Downloads: ZIP, RAR |
Website
Link: Adrenalin Re-design and develop a website to expand a local company's business Technologies: HTML5, CSS3, PHP, MySQL, HTML5 Boilerplate, Photoshop. For more info read their humans.txt file |
Website
Link: CheckAttacks Create a website to act as an IDS for clients' websites Technologies: HTML5, CSS3, PHP, MySQL, HTML5 Boilerplate, Photoshop. For more info read their humans.txt file |
Website
Create a website for a guild of the online game "Anarchy Online" including various bespoke PHP applications Technologies: XHTML, CSS, PHP, JavaScript, image manipulation, Notepad, Photoshop, Nvu |
Template
Demo: RossTemplate04 A free website template, designed to look like a filmstrip Technologies: HTML5, CSS3, Notepad, Photoshop Downloads: ZIP, RAR |
Template
Demo: RossTemplate03 A free website template Technologies: XHTML, CSS, Notepad, Photoshop Downloads: ZIP, RAR |
Template
Demo: RossTemplate02 A free website template Technologies: XHTML, CSS, JavaScript, Notepad, Photoshop, Dreamweaver Downloads: ZIP, RAR |
Template
Demo: RossTemplate01 A free website template Technologies: XHTML, CSS, Notepad, Photoshop Downloads: ZIP, RAR |
PHP script
Link: Bot Code a basic IRC bot as a challenge & for fun. To be easily expandable with easy to understand code. Technologies: PHP, Notepad |
Website
Create a basic website for a developing business to reach potential clients Technologies: HTML, CSS, PHP, image manipulation |
Website
Link: UKMessy Re-design a website for a gaming community Technologies: HTML5, CSS3, PHP, MySQL, ClanSphere CMS, Photoshop |
Website
A website I coded for a team project. Unfortunately the team has since disbanded and the site is no longer online. Technologies: HTML, CSS, PHP, JavaScript, image manipulation. |
Website
Link: BRYC.co.uk Remake a website from a previous design, modify, update and maintain (no longer my responsibility) Technologies: XHTML, CSS, PHP, JavaScript, image manipulation |
PHP script
Link: HBH timed PHP Program to complete timed challenges 1 - 5 on the website www.hellboundhackers.org Technologies: PHP, Notepad |
Perl script
Created a Perl script to make obtaining WEP protected passwords as simple as possible using the aircrack-ng suite of tools. Technologies: Perl, Gedit, Ubuntu |
PHP script
Link: Light Bulb Challenge PHP programming challenge about toggling lights. Technologies: PHP, Notepad |
Website
Create an online store for a company to expand and reach potential clients in other countries - Used ZenCart Technologies: XHTML, CSS, PHP, MySQL, JavaScript, image manipulation, Notepad, Photoshop |
Whitepaper
Link: Whitepaper Three whitepapers that I wrote for: CMS Made Simple 1.0.2, CMSimple 2.6 & JAF CMS 4.0 RC1 Technologies: PHP, vulnerability identification & patching, HTML, JavaScript, Notepad |
PHP script
Link: Concorde2 php ical file PHP script to create an automatically updating iCal file for the venue "concorde2". For Google Calendar, click "add by URL" under other calendars and use the URL "http://rossmarkham.com/portfolio/concorde2.php" Technologies: PHP, Notepad |
Plugin
Demo: Shoutbox A free PHP flatfile ajax shoutbox with administration area, includes smilies and word filters plus various other features. Technologies: PHP, JavaScript, XHTML, CSS, Notepad Downloads: RAR |
Plugin
Link: BeEF Download: beef_update_modules Create a plugin to allow BeEF to update its modules from a remote location, check which ones you have and allow one click installs Technologies: PHP, cURL, JavaScript, HTML, Notepad Notes: This is no longer working. |
Website
Link: IceMaidenDiaries Create a blog website for maximum exposure. Technologies: PHP, MySQL, HTML5 Boilerplate, Photoshop, Wordpress |
Website
Create a basic website for a developing business to reach potential clients Technologies: XHTML, CSS, PHP, image manipulation, Notepad, Photoshop |
Demo page
Demo: HealthManagement As part of an interview test I received a Fireworks file at 9am and had until 5pm to create a concept. This is how it turned out. Technologies: XHTML, CSS, JavaScript, Notepad++, Photoshop, Fireworks |
Template
Demo: RossTemplate05 A free website template, poker themed Technologies: HTML5, CSS3, Notepad, Photoshop Downloads: ZIP, RAR |