Michele Spagnuolo

Puzzle Author at Gild

Location
Milan Area, Italy
Industry
Information Technology and Services

Michele Spagnuolo's Overview

Current
  • Security Consultant / System Administrator at Spreaker
  • Puzzle Author at Gild
Education
  • Alta Scuola Politecnica
  • Politecnico di Milano
  • University of Illinois at Chicago
  • Politecnico di Milano
  • Liceo Scientifico statale "Alessandro Antonelli"
Recommendations

4 people have recommended Michele

Connections

64 connections

Michele Spagnuolo's Summary

Currently studying Engineering of Computing Systems at Politecnico di Milano (Laurea Magistrale) in a joint program with University Of Illinois at Chicago (UIC).

* December 2011 - Admitted to Alta Scuola Politecnica
* November 2011 - Featured on Google Security Hall of Fame
* July 2011 - Laurea (B.Sc.) in Computer Engineering at Politecnico di Milano - 105/110.
* August 2009 - won a study trip to Dublin, Ireland, together with 35 other Italian students who finished High School with maximum mark.
* 2008 - High school diploma (Liceo scientifico PNI) - 100/100+L. Awarded a merit-based scholarship and added to the national INDIRE Registry of Excellence (http://bit.ly/h6unl0).
* May 2008 - won an EU promoted contest with an essay about Altiero Spinelli - "Altiero Spinelli: la forza di un sogno"
Visit to the European Parliament and European Commission at Bruxelles.
* September 2007 - became an Offensive Security Certified Professional (OSCP), certificate holder ID: OS-101-02045.
* June 2007 - University of Cambridge ESOL Examinations - FCE Grade A.
* 2005 - 2006 - Won several EU-sponsored contests. Visits to Amsterdam and Den Haag.

Software & web development

* SMSRecover - dedicated service helping end-users in retrieving accidentally deleted messages on iPhones, using forensic techniques.
* iPhoneSMSExport - convert your text messages to CSV, HTML or PDF online, for free. [PHP/Delphi]
* Trovatel - Open Source project to perform direct and reverse phone numbers lookups (Italian numbers only). [Delphi]

Specialties

Web Security, Penetration Testing, Software Engineering, Java, C/C++, Python, Perl, Delphi, PHP, MySQL, *nix, Mac OS X.

Michele Spagnuolo's Certifications

  • OSCP (Offensive Security Certified Professional)

    • Offensive Security
    • License OS-101-02045
  • First Certificate in English (Council of Europe Level B2)

    • University of Cambridge - ESOL
    • June 2007
  • TOEFL iBT

    • ETS
    • April 2011

Michele Spagnuolo's Education

Alta Scuola Politecnica

VIII Cycle

2011 - 2013 (expected)

Politecnico di Milano

Laurea Magistrale, Engineering of Computing Systems

2011 - 2013 (expected)

University of Illinois at Chicago

MSc, Computer Science

2011 - 2013 (expected)

Politecnico di Milano

BEng, Engineering of Computing Systems

2008 - 2011

Liceo Scientifico statale "Alessandro Antonelli"

Diploma, Liceo Scientifico PNI

2003 - 2008

100/100+L.

Michele Spagnuolo's Languages

  • Italian

    (Native or bilingual proficiency)
  • English

    (Professional working proficiency)

Michele Spagnuolo's Additional Information

Interests:

Web security, Penetration Testing, Coding, Computer Engineering, Science, Math, Philosophy, Photography, Books, Humour, General Curiosity.

Honors and Awards:

2011 - Google Security Hall of Fame - "Honorable Mention" - http://www.google.com/intl/en/about/corporate/company/halloffame.html

2008 - High school diploma (Liceo scientifico PNI) - 100/100+L. Awarded a merit-based scholarship and added to the national INDIRE Registry of Excellence (http://bit.ly/h6unl0).

Offensive Security Certified Professional #OS-101-02045
Won several EU promoted contests (view Summary).

Michele Spagnuolo's Publications

  • PHP-Nuke Search Module Cross-Site Scripting Vulnerability

    • SecurityFocus
    • August 1, 2007

    PHP-Nuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

    An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

  • Reuters.com HTML injection + XSS

    • March 10, 2011

    Reuters Finance is vulnerable to a Cross-Site-Scripting (XSS) attack, and to an HTML code injection.

  • Using Parse Tree Validation to Prevent SQL Injection Attacks

    • July 1, 2011

    Based on "Using Parse Tree Validation to Prevent SQL Injection Attacks" by Gregory T. Buehrer, Bruce W. Weide, and Paolo A. G. Sivilotti.

    An SQL injection attack targets interactive web applications that employ database services. Such applications accept user input, such as form fields, and then include this input in database requests, typically SQL statements. In SQL injection, the attacker provides user input that results in a different database request than was intended by the application programmer. That is, the interpretation of the user input as part of a larger SQL statement, results in an SQL statement of a different form than originally intended. We describe a technique to prevent this kind of manipulation and hence eliminate SQL injection vulnerabilities. The technique is based on comparing, at run time, the parse tree of the SQL statement before inclusion of user input with that resulting after inclusion of input.

    I wrote a simple Bison grammar for a subset of SQL and a lexer in Flex, then a PHP frontend that presents the user differences between parse trees of two queries: a reference query and a query to test.

  • AmericanExpress.com XSS vulnerability (SSL with Extended Validation bypass)

    • August 13, 2011

    American Express website is vulnerable to a Cross-Site-Scripting (XSS) attack.
    Since a malicious attacker can execute arbitrary JS code, SSL EV is bypassed.

  • Mirror.co.uk XSS vulnerability

    • August 18, 2011

    The Mirror is vulnerable to Cross-Site-Scripting (XSS) attacks.

  • Google Security Hall of Fame - Honorable Mention

    • November 2011

    I have discovered a security vulnerability in Google Sites.

  • Facebook "Post By Email" in Facebook Groups is vulnerable

    • January 2012

    If you have a hosted email address associated with your Facebook account (probably every email address without DKIM key signing mechanism, except GMail, Hotmail, MSN and a few other big mail providers) you are vulnerable and everyone can post as you in Facebook groups which have an associated @groups.facebook.com email address.

Michele Spagnuolo's Experience

Security Consultant / System Administrator

Spreaker

Privately Held; 11-50 employees; Internet industry

2011 - Present (1 year)

Security auditing, systems replication in the Cloud (AWS), PostgreSQL database replication with continuous archiving (warm standby server).

Puzzle Author

Gild

Privately Held; 11-50 employees; Internet industry

October 2011 - Present (8 months)

I write programming challenges for Gild (algorithmic and code snippets).

Contact Michele for:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • business deals
  • reference requests
  • getting back in touch
