VU#797896: CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables

Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle(MITM)attacks on internal subrequests or to direct the server to initiate connections to arbitrary hosts. Continue reading VU#797896: CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables

DIY Motion Control Camera Rig Produces Money Shots On A Budget

Motion control photography allows for stunning imagery, although commercial robotic MoCo rigs are hardly affordable. But what is money? Scratch-built from what used to be mechatronic junk and a hacked Canon EF-S lens, [Howard’s] DIY motion control camera rig produces cinematic footage that just blows us away.

[Howard] started this project about a year ago by carrying out some targeted experiments. These would not only assess the suitability of components he gathered together from all directions, but also his own capacity in picking up enough knowledge on mechatronics to make the whole thing work. After making  himself accustomed to stepper …read more

Continue reading DIY Motion Control Camera Rig Produces Money Shots On A Budget