Collaborate Disseminate
Gopher protocol is used a lot when exploiting SSRF, but how?
a Gopher URL takes the form:
gopher://<host>:<port>/<gopher-path>
but let’s take this example:
gopher://10.10.10.3:80/_POST%20/login%20HTTP/1.1%0aContent-Ty… Continue reading SSRF trough Gopher
I would like to know the process of how public keys/certificates are renewed for a website. I understand the concept of CA (Certificate Authority) chains, and how the public key/certificate for a site is signed by a CA (usually an intermed… Continue reading SSL/x509 certificate/public key expiration [duplicate]
Is it possible to make accounts or data undeletable? Obviously, accounts that are internet accounts survive things like factory reset "one just has to sign in again." But is it possible to make an account or piece of data undelet… Continue reading Is any account or data undeletable? [closed]
I am the admin of several Google accounts. I have disabled the account deletion feature for the Google accounts I manage. However, I am wondering if the accounts are simply unable to be deleted at all, or if they are just unable to be dele… Continue reading Could a Google account be lost without the user deleting it? [migrated]
My Apache web server logs suffer from the dreaded [ssl:error] AH02032: Hostname www.example.com provided via SNI and hostname example.com provided via HTTP are different.
I know what it means and why it happens.
I need to manually reproduc… Continue reading How to manually connect to my web server and send a TLS handshake with a hostname, followed by the HTTP request headers with a different hostname
A common multi factor authentication solution will ask a user for a username+password and a one-time password.
In all documents I can find both factors are asked by the same identity provider. This can be the website itself or for example … Continue reading Does it make sense to split two factor authentication between identity providers
A bank where I have an auto loan has a credit reporting feature. The feature shows that I have several “Dark Web Alerts” for “Compromised Email Address”. The alerts list the breached sites, for example schmevite.com and schmafepress.com (a… Continue reading What do these credit security alerts mean?
I have my final year dissertation coming up and I’m thinking of doing a project where I evaluate attacks on an IoT network using Contiki/Cooja simulator. The project as it stands is too simple and has been done a few times. I… Continue reading Are nodes that are mobile in a IoT network more vulnerable to certain types of attacks?
I am creating a .NET core webapp in C# that takes in a user password and hashes it to be stored on a server. I’m using Rfc2898DeriveBytes along with a randomly generated salt. I’ve read, however, that I should avoid using str… Continue reading How to avoid using System.String with Rfc2898DeriveBytes in C#
A CAA allows specifying which Certificate Authorities are authorized to issue a certificate for my domain. For example
example.com. CAA 0 issue “symantec.com”
will only allow Symantec to issue certificates for example.com.
However as explained in Why don’t browsers check CAA records to help ensure a certificate is valid? this is not verified or enforced by browsers. There is no reason to set it to the CA that issued the current certificate.
With that in mind: would it not be more secure to set the CAA-record to an invalid CA like this:
example.com. CAA 0 issue “doesnotexist.com”
That way nobody can issue a certificate.
My certificate is still valid for several years from now and I will not need any CA to issue a certificate right now. When time comes I will temporarily change the CAA record to the specific CA to allow it.
Continue reading Is it more secure to set a DNS CAA record to a non-existing CA?