Collaborate Disseminate
In a Unix-like system, the concept of privileged and non-privileged users is used for security, preventing numerous attacks. When a non-privileged user executes malicious code at a normal level, the kernel can reject its execution by recog… Continue reading Kernel level attack?
I am woking on a CTF game at my school.
I have an invented a scenario where the first step is basic SQL injection to a WordPress widget I created. When it starts, it creates a "menu" table in the database with the rows "id&… Continue reading Creating a WordPress SQL injection vulnerability [migrated]
In order to upgrade the wifi card of my W530 thinkpad I need to patch the original bios with 1vyrain. One effect of the patch should be that the whitelist for wifi-cards is removed.
What potential security issues may be associated with suc… Continue reading Security risks with 1vyrain BIOS ThinkPad jailbreak
I aim to backup my gnupg private key by writing it down on paper. The software paperkey seems to be promising, but one of its behaviors is unexpected.
I do the following
$ gpg –export-secret-keys –output secret.gpg "My Key Id"
… Continue reading paperkey generates different output every time [closed]
The Israeli ministry of health reports many statistics on Covid patients (Numbers of confirmed cases, hospitalizations, people in quarantine – Divided by age and other demographics) available here (Albeit only in Hebrew)
In any category, n… Continue reading The Israeli MOH databases on Covid patient numbers have a lower cutoff value on published numbers of patients. How does this protect privacy? [migrated]
I plan to store half of my password in plain text
item: "Gmail"
key: gmail
and another half, the master password, in my head. The real password will be generated by the hash of the combination of the master and the key.
echo &qu… Continue reading Ways to tamper with xclip -loop on linux
How can I decide if I could trust a given DNS service as a user?
For example I have just seen DNS-Watch which tells me that it is
secure and that they don’t log anything.
How can I decide if the claims about security and … Continue reading How do I know if I can trust a DNS service
I needed to implement CRT mode for AES and coded following codes. But I am not an expert so I want to know experts comments. I tried to minimize code to be easier to read, so I deleted some methods and add some comment where … Continue reading Is it good implement for AES CTR mode?
As a guardian, we wish to protect our family especially children from malicious websites.
We implemented the following technologies:
K9
Symantec client protection
But it can be surpassed with ultra surf
We’re too much … Continue reading How to implement child protection firewall?
I want to know if it’s possible to reveal the ISP-assigned IP address of a user with JS:ScriptIP-inf [trj] or by other means, who is browsing a webpage that doesn’t contain any Java Applet and the user uses Elite Proxy and VPN.
Continue reading Getting real IP address of a user using VPN and Elite Proxy