Alex – Page 6 – WindowsTechs.com

What’s the concrete case for code flow being more secure than implicit flow?

Posted on July 23, 2019 by Alex

It’s seeming like the extra loop via the client backend in code flow only adds obscurity – not security. If, in the end, the client backend dishes out the same access token to the front end as the auth server would via implicit flow, what … Continue reading What’s the concrete case for code flow being more secure than implicit flow?→

How to check if this attack was successful?

Posted on May 2, 2019 by Alex

Having no clue about these hacking/ injection attacks, I really wonder what this is called and how to check if damage was done. If this is the wrong place to ask, I’d appreciate some guidance on how to proceed.

Our website r… Continue reading How to check if this attack was successful?→

Finding the worpress installation logwatch is referring to [migrated]

Posted on April 28, 2019 by Alex

Today, I got

A total of 2 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):

/wp-content/plugins/wptf-image-… Continue reading Finding the worpress installation logwatch is referring to [migrated]→

Individual public keys for embedded devices?

Posted on February 21, 2019 by Alex

I have a hardware device, which collects data. It should then encrypt the data, and send it to a server, which should decrypt the data.

The device is an embedded system which can be programmed only once (during manufacture),… Continue reading Individual public keys for embedded devices?→

Unexpected text pasted into Excel out of nowhere – hacked?

Posted on January 18, 2019 by Alex

While I was working in Excel, the following text appeared:

108.162.221.65
162.158.75.124
172.68.78.28
162.158.75.124

They are Cloudflare IP addresses that I hadn’t copied.

My first thought was, what if someone had hacked … Continue reading Unexpected text pasted into Excel out of nowhere – hacked?→

Accidentally clicked a phishing link, am I at risk?

Posted on January 3, 2019 by Alex

I clicked a link from a fake Twitch streamer and now I’m scared of being spied on. I typed my account details but didn’t actually sent them because I realized it was a fake link right before clicking enter.

Am I at risk fro… Continue reading Accidentally clicked a phishing link, am I at risk?→

How secure is WebPack?

Posted on December 18, 2018 by Alex

If NPM packages are so vulnerable as described in this article, is it acceptable to use WebPack for web-applications, in which security is a priority?

Edit: when using WebPack you should use NPM-packages (with a lot of their… Continue reading How secure is WebPack?→

Certificate works in Chrome + Firefox but not with curl ("unable to get local issuer certificate") with the recent cacert.pem

Posted on December 18, 2018 by Alex

I am trying to connect to a site behind a firewall, that is why I cannot share the URL for verification.

$ curl -vvvv https://example.com:8080/foo/ba/?wsdl –cacert /tmp/cacert-2018-12-05.pem
* Trying a.b.c.d…
* TCP_NODELAY set
* Con… Continue reading Certificate works in Chrome + Firefox but not with curl ("unable to get local issuer certificate") with the recent cacert.pem→

which algorithm is being used

Posted on December 4, 2018 by Alex

currently at our job we have a system that is Windows encrypted XP. In order to access Windows itself you must supply a “code” from the company. The issue we have is that sometimes they answer quickly but other times it could… Continue reading which algorithm is being used→

Reverse shell breaking instantly after connection has been established

Posted on November 16, 2018 by Alex

currently I’m preparing for OSCP and right know I’m working on reverse shells. Using msfconsole it’s not problem to get a meterpreter-session, however meterpreter is not allowed during the exam so I want to go the “manual” wa… Continue reading Reverse shell breaking instantly after connection has been established→