All Questions

0 votes
0 answers
2k views

How easy or difficult is it to exploit older SSL/TLS protocols?

Detection of outdated TLS/SSL protocols is one of the most common findings I have seen in many vulnerability scans and penetration testing reports. It is reported as a serious vulnerability too. ...
Sreeraj's user avatar
  • 1,367
1 vote
1 answer
459 views

Received a strange text message. What is it? [closed]

This morning I received the following text message from a Gmail account: v3s5f3rs4f3gs3.nf5j4k8j4k3o.solar?G$1?V&?KL?O=$HO?&S?K0?$1T A couple of my friends got it too. I have an iPhone and it ...
Wes Sayeed's user avatar
1 vote
1 answer
480 views

How to exploit open redirect vulnerability which must contain the original url

Let's say I have the following url: https://secure.sub.domain.com/?continue=https://sub.domain.com I found out that I can put anything I want before sub.domain.com in the continue parameter as long as ...
Nobu's user avatar
  • 11
0 votes
1 answer
150 views

Attacking VPN server's outgoing connections

Due to increasing concerns about privacy online I recently started researching technologies that are supposed to hide our activities from unwanted watchers. I've been learning about the workings of VPN ...
yurikoushikawa's user avatar
0 votes
1 answer
1k views

exploiting CVE-2020-0668 problem

I've been trying to get the mentioned security error working on my machine so I could fully understand how it works. I've been following these instructions: https://itm4n.github.io/cve-2020-0668-windows-...
qwertyuiqwertyui's user avatar
0 votes
0 answers
495 views

What are the main differences between a covert timing channel and a covert storage channel?

I am trying to find the differences between a covert timing channel and a covert storage channel in terms of detectability, performance, features, and any other advantages and disadvantages. Is ...
Nick's user avatar
  • 13
81 votes
6 answers
21k views

Can malicious code fit in 14 bytes?

I was reading this The New York Times (NYT) article about the hack of Jeff Bezos's phone. The article states: The May 2018 message that contained the innocuous-seeming video file, with a tiny 14-...
Stud Sterkel's user avatar
2 votes
2 answers
1k views

What should I think about users with huge numbers of successful login attempts in a short period?

What to think about a user making thousands of successful login attempts over a short period? What are the dangers of such a behavior and how to protect against them? A couple of examples of dangers ...
Heschoon's user avatar
  • 121
0 votes
1 answer
344 views

XSS: Character showing in DOM [closed]

I have created an HTML page that redirects the user to a test site that has an XSS vulnerability. I am able to successfully execute JavaScript via the vulnerability. However, I have found that some of the ...
Chris Smith's user avatar
0 votes
0 answers
285 views

Is JIT-compiler required for JIT-ROP attack?

I have been studying up on the concept of Just-in-Time (JIT) ROP attack (https://cs.unc.edu/~fabian/papers/oakland2013.pdf), and came across this question which I have not been able to find the ...
zzang3's user avatar
  • 1
1 vote
0 answers
128 views

How can this Authentication/Authorization flow be improved?

I am currently building a full stack web app mainly as part of an exercise. This app is made up of a back end on a server (written in Go), and a front end written in Angular (so on a user's browser). ...
tomfl's user avatar
  • 111
80 votes
13 answers
28k views

Is divide-by-zero a security vulnerability?

Even though sometimes software bugs and vulnerabilities are deemed as the same concept, there must be at least one distinct aspect between them, and I think the most prominent one is exploitability (...
Gwangmu Lee's user avatar
6 votes
3 answers
387 views

What is the (literally) lightest way to run a second secure system?

My goal is to have two separate systems where one is secure even if the second one is full of malware. My current approach is to have two separate laptops and the only way these two communicate with ...
Albert's user avatar
  • 61
1 vote
1 answer
743 views

ROP Attack: Force the program to manipulate an instruction as a gadget

I'm doing a basic exploitation test on a simple program with a few lines of code. I intend to exploit a buffer overflow vulnerability to perform a ROP attack. To gather the available gadgets I use ...
Ahmed's user avatar
  • 83
1 vote
2 answers
152 views

Does installing more programs result in higher chances of being exploited?

Theoretically, the answer could be yes since you increase the attack surface. However, I was wondering if in practice it really makes a difference. I am mostly worried about exploits for web facing ...
asktwo's user avatar
  • 11
