Collaborate Disseminate
My SSL server uses the following certificate setup: leaf -> intermediate -> root (trusted ca). I have verified using openssl that it’s returning both leaf and intermediate certificate (at least I think it does):
$ openssl s_client -s… Continue reading SSL error when using curl with only trusted root certificate but server is already returning full certificate chain
I have golang app that works as server which a single client accesses by the IP hostname (aaa.bbb.ccc.ddd). Trying to implement mTLS.
Since I have only one client, its cert/key pair (myclient.crt/myclient.key) is directly stored in the ser… Continue reading Certificate subject name ‘xxx’ does not match target host name ‘yyy’ [duplicate]
I’m a beginner in security but I am trying to send a request to a server through mutual authentication.
I was given
CA pem file
client cert pem file
private key pem file
Right now, I’m trying to establish a connection to the server but i… Continue reading Debugging HTTP 403 Forbidden when using cURL for mutual authentication SSL (mTLS) [migrated]
TLDR;
Copying the request from ChromeDevTools along with all cookies allows me to view pages that I should not be able to view after logging in.
Have I been pwned ?
I just found a terrifyingly easy way to view pages that should be visible… Continue reading Does copying cookies allow attackers to view pages that should be visible only after login?
I figured out that some application uses libcurl 7.50.1 along with WinSSL (I think it was built with it?) and I’m not really sure how can I extract those keys from this application.
In OpenSSL (1.0.2) the master key is here: click
I have d… Continue reading Acquiring pre-master/master key from WinSSL CURL application
SCENARIO:
I’m testing a web application. To test if TRACE is enabled I used both
nmap –script http-methods target.com
and
curl -k -i -X OPTIONS target.com
After running the former I get
443/tcp open https
| http-methods:
| Supporte… Continue reading Why if a server response contain both Public: TRACE and Allow: TRACE then responds with 405 NOT allowed?
I wanted to know my external IP address from the command line. I found this answer on Ask Ubuntu: Command for determining my public IP? which suggests to use
curl -s https://checkip.dyndns.org | sed -e ‘s/.*Current IP Address: //’ -e ‘s/&l… Continue reading Can it be dangerous to curl without any option an HTTP address?
I uploaded a PHP web shell to a site, and to bypass the file upload restriction, I used a .php.jpg extension.
When I open my shell with a web browser, it doesn’t execute (confirmed with a packet capture) but when I open it with curl, it re… Continue reading Can’t execute shell i uploaded with cURL
With millions of phishing attempts happening daily, we’ve probably all had our fair share of coming across one. For the trained or naturally suspicious eye, it’s usually easy to spot them — maybe get a good chuckle out of the ridiculously bad ones along the way — and simply ignore …read more
Continue reading Give a Man a Phish, and You Entertain Him For a Day
Ok i am facing a very weird behaviour that sets and doesnt set cookie both. So, first i have found CRLF injection in 2 domains, redacted.de and redacted_another.com. When i go to redacted_another.com vulnerable url, the cookie gets set int… Continue reading Cookie is not being set after CRLF Injection in one domain but set in another domain. How can i bypass/set it?