Collaborate Disseminate
I was recently participating in a CTF with a challenge that required contestants to find two .pdf files with the same md5 hash, and that got me thinking about how that could be a potential vulnerability in some systems (though not necessar… Continue reading Is it common practice to take multiple hashes of the same object?
I know that when you attempt to log in to a device via SSH, upon inputting an incorrect password, you must wait several seconds before you get another attempt. This is obviously a deterrent against brute force attacks. But what’s stopping … Continue reading What’s stopping attackers from brute forcing SSH passwords over new sessions?
I was just wondering about how an Apple iPhone knows that you aren’t a certified service provider when, for example, you replace the battery. I’m aware that it checks the serial number of the battery when it boots and compares that to the … Continue reading How does the iPhone know you’re not a certified service vendor? [migrated]
I found out recently that iPhones will change their MAC address every time they connect to a network. But I’ve found that things like internet filters are still able to identify each unique device, regardless of the device’s MAC address, h… Continue reading How do networks identify iPhones when their MAC Addresses are constantly changing?
I know there are many different types of DNS records out there, and you can see most of them with a simple query tool like dig. But now I’m wondering which types you can’t see from a scan like that. Does anybody know of any types like this… Continue reading What DNS records can you not see from dig? [closed]
I’ve heard that quantum computers may soon be powerful enough to crack standard encryption. If this is true, could we potentially harness them to end ransomware? Instead of paying the ransom or coming up with some alternate solution, could… Continue reading Could Quantum Computers Quickly Crack Ransomware Encryption?
If a potential attacker was able to upload a cross-origin <iframe> element to your website as a post of some sort, what could they actually do through it? I know that cross-origin <iframe> elements are able to do simple stuff l… Continue reading What XSS attacks could somebody perform through an iframe?