Collaborate Disseminate
I was recently going through the HTTP Desync attack presented here:
https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn
This raised one question concerning the way the HTTP packets are treated throu… Continue reading Http Content-Length too long – Time Out
I’ve been reading a lot about WEP cracking on online resources very recently, however there is one question that no website gives answer to I believe.
I would like to first understand the theory very well.
I understand how … Continue reading WEP cracking – Why does many IVs allow to actually get the cipher key
I’m working on a php application that is handling file upload.
I’m trying to inject a path transversal payload in the filename such as /../../../../etc/.
The thing is that the vulnerable line of code is using the filename th… Continue reading Directory transversal in PHP with the $_FILES array?
I’m trying to understand how easy it is to crack a SHA1 hashed password. I have a training database giving hundreds of password hashed.
I have tried to use some online tools to crack them and I have realized that I can only crack relativ… Continue reading Is it possible to crack any SHA1 hashed password
During a CTF, I had the intuition that there was a blind SQL injection entry point in the URL. I tried to inject:
‘ UNION SLEEP(5);–
I was expecting to receive a response after 5s, but actually, I haven’t received any. I… Continue reading Blind SQL injection – Get a time out and don’t know why
I’m studying a file injection in a web app running on an Apache 2 server with PHP backend and Linux OS. I would like to understand how the file uploaded permission is set up.
The file uploading is done mainly in two lines: … Continue reading PHP file_upload default permissions?
I’m currently working on a code presenting a BSS buffer overflow:
#include <stdio.h>
#include <stdlib.h>
char username[512] = {1};
void (*_atexit)(int) = exit;
void cp_username(char *name, const char *arg)
{
… Continue reading BSS buffer overflow
I’m trying to understand how email spoofing works.
After studying the technical process, I have finally understood that :
1)The spoofer will try to scan every ports of a smtp server to catch the mx
2) Connect with telnet t… Continue reading How a spoofing email site such as emkei works
For the critical services, is it safer to have different complex passwords and a password manager or the same password for every service and a two-factor authentication?
The password manager is risky if it gets compromised.
… Continue reading Password manager or two -actor authentication
Can a malware that infected your local computer compromise a KeePass database stored locally in any way?
If yes, what’s the point for KeePass to have such strong security mechanisms if it cannot resist to this scenario? If y… Continue reading KeePass security local malware