r3dfl4g – WindowsTechs.com

Brute forcing login page with epoch time as anti-csrf token [on hold]

Posted on May 18, 2019 by r3dfl4g

Im doing a lab running a php webserver.

Theres an admin page that POSTs “username=foo&password=bar&login-1558201477=”

The “login-(epoch) ” is converted from the http response timestamp as a hidden field.

I’ve tri… Continue reading Brute forcing login page with epoch time as anti-csrf token [on hold]→

Can Scapy be detected and blocked by IDS/IPS? How can I know if my Scapy packets are being blocked? [on hold]

Posted on January 4, 2017 by r3dfl4g

I am running a Python DNS server on a VPS, which will send DNS responses back to the machine that sent the DNS query.

The scapy packet sent back acting as a DNS response.

def process(pkt):
ip = pkt[0].getlayer(IP)
… Continue reading Can Scapy be detected and blocked by IDS/IPS? How can I know if my Scapy packets are being blocked? [on hold]→