Collaborate Disseminate
There is a new article explaining the details of the new Google OAuth2 exploit where a Google session can be restored using a Chrome token. But what I can’t seem to find on Google or in the article itself is…
Am I correct in understandi… Continue reading Does the New Google Session Hijacking Technique Require Access to my Computer
I came across a CTF that i’m trying to solve, the goal is fairly simple: Bypass the authentication form and access the admin-restricted area. You can find the code snippet below.
Things to consider:
The CTF is a simulation and a demonstra… Continue reading PHP CTF: Vulnerabilities in PHP before 2007?
I’m trying to figure out if the code below is open to object injection:
<?php
// loggin level
define(‘CRIT’, 5);
define(‘ERROR’, 4);
// secret is defined somewhere in the script like this
define(‘SECRET’, ‘mYs3cr37P4… Continue reading PHP code review: is it open to object code injection through unserialize [closed]
Two Factor Authentication is a security scheme that requires authentication of different kinds, frequently something you know and something you have. For example, your ATM Card is something you have while your pin is something you know, an… Continue reading Does Microsoft Authenticator for webmail login provide any security improvement? [duplicate]
Currently in the news is yet another hack, this time from NSO and it is reported that an attack vector is via a web link. This is far from unique, as we have got used to advice to not click on "dodgy" links. From this we can de… Continue reading Why are web browsers insecure?
I have a local application that normally authenticates against a remote Active Directory server. If the local host loses network connectivity, a special local account becomes available for login. Currently, that account has a standard pass… Continue reading Is there any secure method to have recoverable passwords?
I’m trying an injection on the following SQL statement:
SELECT * FROM Products WHERE ((name LIKE ‘%Apple%’ OR description LIKE ‘%Apple’)
I’ve determined that the Products table has 9 columns, and that the Users table exists. I’m trying … Continue reading What to do if right table has more columns than left table for UNION injection?
I’m trying an injection on the following SQL statement:
SELECT * FROM Products WHERE ((name LIKE ‘%Apple%’ OR description LIKE ‘%Apple’)
I’ve determined that the Products table has 9 columns, and that the Users table exists. I’m trying … Continue reading What to do if right table has more columns than left table for UNION injection?
I was reading about Shibboleth’s metadata — https://wiki.shibboleth.net/confluence/display/CONCEPT/Metadata#Metadata-Use(andnon-use)ofMetadata , and how it’s used to identify IDPs and service providers involved in the SAML f… Continue reading If only SP (or IDP) uses Shibboleth in its SAML implementation, can the systems still communicate?
I’m trying to understand the benefits of encrypting assertions in SAML requests, especially if those requests travel over SSL. As I have read, this isn’t required. After authentication, if a service provider requests inform… Continue reading Is there a SAML scenario where you would need an encrypted assertion if you are using SSL?