Collaborate Disseminate
Recently, one of my website has been hacked in a very interesting way.
By doing some researches I’ve found that I wasn’t the only one affected by the hack, but didn’t find anything about it.
Note : I am going to describe my… Continue reading Google’s view of a web page is corrupted
I have a network dump (PCAP file) from a “conversation” between a web server apache (192.168.1.2) and some clients:
What a should look for to prove that the server buffer (or TCP WINDOW) is full? I received 403 error (erro… Continue reading How to prove the Apache web server is not accepting connections anymore because of an denial of service attack (Slowloris)?
I have set up my own Root CA and Intermediate CAs for my local sites (virtual sites). I also have installed them to trusted certificates in my computer and also the intermediate CAs on their own folder in the cert market of m… Continue reading XAMPP/Chrome net::ERR_CERT_INVALID on VALID Certificate Chain
I opened my apache error logs today and found this:
[Fri Apr 28 06:52:59.219655 2017] [cgi:error] [pid 25030] [client 172.30.0.155:12810] script not found or unable to stat: /var/www/cgi-bin/webcm
I have never put anything… Continue reading /var/www/cgi-bin/webcm vulnerability
The disclosure of an Apache Struts 2 vulnerability made the framework a lucrative target and highlighted the importance of patch management.
The post The Apache Struts 2 Vulnerability and the Importance of Patch Management appeared first on Security Intelligence.
Continue reading The Apache Struts 2 Vulnerability and the Importance of Patch Management
I’m trying to evaluate benefits of using ModSecurity in our system. From that what I read till now, I have feeling it is not very useful for us.
In our web app, there is single entry point, which is encrypted websocket conne… Continue reading Is it worth using ModSecurity on a single entry point websocket connection?
I am using:
apache2-2.4.25-5.1.x86_64
apache2-mod_security2-2.9.0-6.1.x86_64
Apr 13 18:59:36 mail start_apache2[16810]: AH00526: Syntax error on
line 1 of /etc/apache2/mod_security2.d/crs_whitelist.conf:
Apr 13 18:59:36 mail sta… Continue reading apache modsecurity SecRule ipmatch errors
I have a fail2ban rule for Apache2 logs that which looks like this:
[Definition]
failregex = ^[^ ]+ <HOST> .* \[\] “[^\”]*” 408 \d+
This will detect the 408 errors which happen when a TCP connection times out.
The f… Continue reading Blocking slowloris using fail2ban, what are the correct parameters?
In my Apache configuration file, I am currently blocking potentially malicious user agents using the following config:
SetEnvIfNoCase User-Agent “^\W” badagent
<Location />
Deny from env=badagent
</Location>
… Continue reading Apache User-Agent Injection
I am using sqlmap to fetch some data from database but unfortunately some data are not accurate. For example, the real data is “APPLE” but sqlmap fetches ‘@PPLE’ or something like this.
In some other cases when I select mult… Continue reading SQLMAP inaccurate data fetch