Collaborate Disseminate
Suppose that some company suffered a cyber attack where data has been stolen. After taking care of everything and having a full forensic report of what actually happened (how attackers got into the system), should that compan… Continue reading When should company disclose a details of cyber attack?
Logitech (and possibly other) mice offer a feature called “flow”: mouse can pair with uop to 3 devices (PC, handheld, …), and can mark, copy & paste content (even files) between these 3 devices (according to the description, not boug… Continue reading "Flow" between computers (Logitech mouse)
There are sophisticated campaigns in which users are sent .dotm, .jpg, .png files. These are hosted on compromised servers. When the user accesses the files (including viewing of graphic files) it is stated that their NTLM h… Continue reading NTLM authentication and SMB / WebDAV based attacks
I’m dealing with a malware which has multiple threads monitoring each other, I’m unable to kill all of them at once so I can’t get rid of it, how do I go about this? I was thinking about using a kernel-debugger but maybe ther… Continue reading How to kill a process with multiple threads?
I was reading the Wiki entry for Replay attacks. It mentions that timestamps can be used as a countermeasure against such attacks:
Timestamping is another way of preventing a replay attack.
Synchronization should be ach… Continue reading How effective are timestamps as a countermeasure for Replay attacks?
It’s sometimes possible to use an alternate encoding to get around security checks (CAPEC-267). While the JSON spec may be strict on what is valid, popular parsers don’t necessarily conform perfectly [1].
My question is thu… Continue reading Are JSON key names vulnerable to alternate encoding (CAPEC-267) attacks?
This question already has an answer here:
XSS inside HTML attribute where < and ” are filtered
1 answer
Following is t… Continue reading How to do xss in html attribute [duplicate]
I am trying to do a bypass on a page for an XSS but I can not, I would appreciate it.
The scenario is as follows:
The page displays the following:
http://www.webpage.com/jm/web.faq.Faqs.PortalFaqsController?axn=search&txtSearch=Tracking code
When trying to put any xss, I appear for example:
your research: ScriPtALeRti am here/scriPt had 0 results
I tried to evade it, because it shows that it recognizes the “<>” and so I put the following:
http://www.webpage.com/jm/web.faq.Faqs.PortalFaqsController?axn=search&txtSearch=<svg><a><rect%20width=100%%20height=100%>
However, nothing is displayed. In the console of the page, I see the following:
web.faq.Faqs.PortalFaqsController?axn=search&txtSearch=<svg><a><rect%20width=100%%20height=100%>:310 A Parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message.See https://www.chromestatus.com/feature/5718547946799104 for more details.*
If I click on where this is generated, I get the following, which shows that it uses ‘unescape’:
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
Thanks for your help.
I am trying to do a bypass on a page for an XSS but I can not, I would appreciate it.
The scenario is as follows:
The page displays the following:
http://www.webpage.com/jm/web.faq.Faqs.PortalFaqsController?axn=search&txtSearch=Tracking code
When trying to put any xss, I appear for example:
your research: ScriPtALeRti am here/scriPt had 0 results
I tried to evade it, because it shows that it recognizes the “<>” and so I put the following:
http://www.webpage.com/jm/web.faq.Faqs.PortalFaqsController?axn=search&txtSearch=<svg><a><rect%20width=100%%20height=100%>
However, nothing is displayed. In the console of the page, I see the following:
web.faq.Faqs.PortalFaqsController?axn=search&txtSearch=<svg><a><rect%20width=100%%20height=100%>:310 A Parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message.See https://www.chromestatus.com/feature/5718547946799104 for more details.*
If I click on where this is generated, I get the following, which shows that it uses ‘unescape’:
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
Thanks for your help.
The attack chain is evolving, out-thinking traditional, signature-based endpoint security. See how Malwarebytes breaks the chains, defeating advanced threats with new technologies.
Categories:
101
Business
Tags: attack chainattack vectormulti-layer p… Continue reading Breaking the attack chain