Anonymous – Page 2 – WindowsTechs.com

Running zap scan on a web application is not detecting all endpoints

Posted on February 12, 2025 by Anonymous

I want to run ZAP automated scan to a web application. I have the url which is example.com/myapp. When I browse the application in burpsuite, I can see some rest endpoints being called like example.com/authz/rights-administration/.
When ru… Continue reading Running zap scan on a web application is not detecting all endpoints→

How to apply code signing

Posted on February 5, 2025 by Anonymous

I have a client-server on prem application.
If I want to provide code signing, what are the files that should be signed (exe or jar or cmd or …) ?
Also should both files on server and on client be signed ?
Is there a standard to follow t… Continue reading How to apply code signing→

how to exploit CVE-2024-36387 in httpd [closed]

Posted on November 21, 2024 by Anonymous

As per the NVD description and the httpd official website, the vulnerability states:

"Serving WebSocket protocol upgrades over a HTTP/2 connection could
result in a Null Pointer dereference, leading to a crash of the server
process, … Continue reading how to exploit CVE-2024-36387 in httpd [closed]→

why CVE-2019-0231 is critical? [closed]

Posted on November 8, 2024 by Anonymous

I am looking at this vulnerability: CVE-2019-0231
The NVD description says:

Handling of the close_notify SSL/TLS message does not lead to a
connection closure, leading the server to retain the socket opened and
to have the client potentia… Continue reading why CVE-2019-0231 is critical? [closed]→

how is CVE-2021-22044 risky

Posted on November 5, 2024 by Anonymous

I am looking at this CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-22044
The description says:

In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to
2.2.9.RELEASE, and older unsupported versions, applications using type-level @Reque… Continue reading how is CVE-2021-22044 risky→

how to check usages of a class method in open source code

Posted on October 21, 2024 by Anonymous

I detected in a codeline usage of a bouncy castle that is vulnerable to the cve CVE-2023-33201.
The CVE seems to come from the guilty class X509LDAPCertStoreSpi.java, and in specific the method search().
In the codeline I am testing, there… Continue reading how to check usages of a class method in open source code→

can a tomcat application sitting behind a reverse proxy be exploited

Posted on October 14, 2024 by Anonymous

I am trying to exploit a vulnerability in tomcat based on CVE-2020-13935.
I found online this interesting poc https://blog.redteam-pentesting.de/2020/websocket-vulnerability-tomcat/
In my case, the tomcat server is exposed through a revers… Continue reading can a tomcat application sitting behind a reverse proxy be exploited→

how to exploit pathtraversal vulnerability

Posted on September 13, 2024 by Anonymous

I am pentesting an http server using jetty, where I have access to the code.
One of the urls I am looking at is get /services/test.js
Looking at the code below:
@GET
@Path("services/{script:.+[.]js}")
@Produces(MediaT… Continue reading how to exploit pathtraversal vulnerability→

can vulnerabilities in transitive dependencies be exploitable?

Posted on September 10, 2024 by Anonymous

I am running nmap on an http server, and I got the netty version used by the server.
Netty version used is 9.4.53.v20231009 , I tried to check online for CVEs related to this version, and it seems this versions is not directly linked to CV… Continue reading can vulnerabilities in transitive dependencies be exploitable?→

Is missing SAN in certificate a security issue?

Posted on September 5, 2024 by Anonymous

I am running testssl scan on an http port, after running the scan I got some errors highlighted in red.
The main one that I noticed is that certificate does not have SAN.
testlssl output:
subjectAltName (SAN) missing (NOT ok) — Br… Continue reading Is missing SAN in certificate a security issue?→