Collaborate Disseminate
With standard XSSI, an attacker can include a remote script which contains user-bound secrets across origins, and then read them out.
I have an endpoint which returns sensitive Javascript code, but the request to fetch it is POST-based (th… Continue reading Is POST-based XSSI possible?
I am implementing a web service with a front end and back end. Everything but the login endpoint requires authentication. For authentication I use Authentik. However, I have trouble wrapping my head around which tokens to give to the user,… Continue reading OIDC + Authentik: Which token to give to user for authentication?
A web hosting company has emailed me a QR code so I can have Authenticator generate a 6-digit PIN to use as the second factor after I’ve logged into my portal with username and password. What, if anything, could a person accomplish who had… Continue reading What, if anything, can a person accomplish who has intercepted an emailed QR image for Authenticator?
I’m currently an IT Director who has been involved in everything from IT support to a systems administrator, to Director. I have largely learned on the job and have no undergraduate degree in IT. I have a master’s in database technologies … Continue reading Pathway into cybersecurity from IT director position
I have the following injection:
DELETE FROM table WHERE id IN(‘[injection]’);
And I can use these characters: !#$%&’*+/=?^_`{|}~.- . So I can exit the single-quoted string via ‘, but I can’t exit the IN clause because I don’t have ).
… Continue reading SQL injection into IN(‘[injection]’) without parentheses or comma
I have a fundamental question about the harm of leaving a backdoor in one of my public websites / plattforms. I do not want to discuss the details why I wanted to do that, I just want to understand the problems with it.
Let’s assume I’d in… Continue reading What’s so bad about including "backdoors" to a Website?
Executing the portable git for 64-bit Windows from https://git-scm.com/download/win caused a cybersecurity alarm in a company. Why could it happen?
OpenVPN throws a "signature digest algorithm too weak" error when I try to connect to a specific VPN.
A common suggestion for a workaround is using the following config:
tls-cipher "DEFAULT:@SECLEVEL=0"
This works, but… Continue reading What is the impact of OpenVPN SECLEVEL=0?
Given a query such as:
SELECT * FROM users limit 1,$limit
Is there a way to exploit this when using MySQL 8 and the standard PHP MySQL functions (ie no multi_query)?
What I have tried (unsuccessfully):
1 procedure analyse(extractvalue […. Continue reading SQL injection into LIMIT in MySQL 8
I have a Windows service that accesses a database connection. Since users rarely use Windows authentication, I encrypt the connection string. For development I have the password hard-coded, but I know this is a very bad idea. What is the p… Continue reading How should I store a password used by a service written in .NET