WEBSITE DESIGN
Flora Pacifica
Bob Zawaski P.C., ABR
Ann MacLean
SurfSide-Realty
Tiny Caudell Real Estate
Blue Pacific Realty
Erka
Elease Returns (now in work!)
Golden Bear Auto Leasing
Suzie Etchart
Harper
South Coast Humane Society
North Gate Auto
Opal Jewelry Cleaner (now in work)
Management Ventures, Inc
(www.mventures.com) We developed an interactive questionnaire for users of this
site. The administrative part includes sorting and analysis of the collected
information, which is displayed as diagrams and graphs. The questionnaire
was implemented in ASP, using MS SQL Server 7.0 for data storage.
Security analysis of Perl scripts.
www.buildereferals.com
Security analysis of Perl scripts. After we discovered some security flaws (script source access, full database access) and the site was patched, a second stage of analysis was performed. During this stage, other flaws (not related to scripting) were found and reported.
www.companionbar.com
The site is closed now. It was similar to Spedia and other companies that pay users for viewing advertisements. The client part was written in VB6, and paid ad views were registered on the server over an SSL connection (as a TCP sniffer showed), so at the TCP protocol level the client-server communication was secure, but it was possible to sniff the API calls to wininet.dll. Our security analysis was one of the reasons for the project's suspension.
www.platinclicks.com
The site is closed now. Users logged into the site were tracked by a username and a DES-encrypted password in the URL. After thorough inspection, a security flaw was discovered: the encryption function was called incorrectly. Instead of crypt(password, salt), the call crypt(salt, password) was used. As only the first 2 symbols of the salt are significant, a password for any user (a two-symbol string which the site accepts as a correct password) could be found in a few minutes (36^2 combinations of alphanumeric symbols). The owners of PlatinClicks were informed about the problem, but no action was taken on their side (perhaps they thought it better to close the site).
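
The argument swap described for PlatinClicks, modelled as an added example (not code from the site or from the original page), with a check a reviewer can run to catch it. `crypt_model` is a hypothetical SHA-256 stand-in that keeps only the interface behaviour of traditional DES crypt; `SITE_SALT` and the sample passwords are constructed.

```python
import hashlib

SITE_SALT = "ab"  # constructed; the page does not give the site's salt
SAMPLES = ["sunflower", "sunshine", "sunday01", "surfside"]  # constructed


def crypt_model(key: str, salt: str) -> str:
    """Stand-in for traditional DES crypt(key, salt), not the real cipher.

    Keeps the interface properties that matter here: only salt[:2] is
    used, it is echoed as the first two output characters, and only
    key[:8] is used. SHA-256 replaces the DES rounds.
    """
    salt2 = salt[:2]
    digest = hashlib.sha256(f"{salt2}:{key[:8]}".encode()).hexdigest()
    return salt2 + digest[:11]


def token_swapped(password: str) -> str:
    # The call order the page reports: the password lands in the salt slot.
    return crypt_model(SITE_SALT, password)


def token_correct(password: str) -> str:
    # Intended order: password is the key, the site value is the salt.
    return crypt_model(password, SITE_SALT)


def tail_ignored(make_token, password: str) -> bool:
    """True when everything after the first two characters has no effect."""
    return make_token(password) == make_token(password[:2])


def distinct_tokens(make_token, passwords) -> int:
    """Number of different tokens produced for a list of passwords."""
    return len({make_token(p) for p in passwords})


if __name__ == "__main__":
    for name, fn in (("swapped", token_swapped), ("correct", token_correct)):
        print(name, "tail ignored:", tail_ignored(fn, "sunflower"),
              "distinct tokens:", distinct_tokens(fn, SAMPLES))
```

With the swapped call, the token also begins with the first two characters of the password itself, which is a quick visual sign of the bug when reviewing tokens in URLs or logs.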