Collaborate Disseminate
In the TPM architecture, we know that after a "Measurement" procedure is performed, it is followed by a "PCR Extend" procedure, in which the resulting system configuration metrics data (20 bytes) are appended to the val… Continue reading TPM – How the integrity of the system configuration is guaranteed if the PCR hash is overwritten on each "Measurement"?
I recently tested the NTP Time Synchronization Attack as desribed and demonstrated by Jose Selvi in 2015.
Basically, the attack was mostly used to send the victim’s clock in the future, so the already cached HTTP Strict Transport Security … Continue reading How did ntpd got pacthed to prevent NTP time synchronization attacks?
How does a DNS Rebinding attack work? How can it violate the Same-origin policy?
Will the victim’s browser send cookies to the remote server (specified by IP), when the domain is not the same as is in the cookie, created by … Continue reading DNS Rebinding attack – will the victim’s browser send cookies?