Aut2Exe Error kali linux
Error: unable to add resources
c:\users\root\local settings\Application Data\AutoItv3\Aut2Exe\aut2134.tmp.exe
Collaborate Disseminate
Error: unable to add resources
c:\users\root\local settings\Application Data\AutoItv3\Aut2Exe\aut2134.tmp.exe
I’m working on designing a credit card payment form whose core functionality is provided by a payment processing company ("upstream").
Upon some transaction errors the upstream returns the detail (*one kind at a time) of the user… Continue reading Credit card form : Is it neccessary to obscure error messages?
I just wanted to ask if my concerns here are valid.
I am aware that it is unsafe for the API to return a stack trace. I have a similar, but less egregious, situation that I am trying to judge.
Is there also some standard regarding packagin… Continue reading API Returning Java Exception. Safe?
For context, my web app will be used by users who don’t have a strong technical background. What are the pros or cons for displaying a message like this?
Something like:
Like any other website owner, I get frequent probes for vulnerabilities e.g. .php .sql or .gz pages.
These used to appear in my log files as 404 responses (we host on ASP.NET Core). These also take up server time and processing as it has … Continue reading Is there a problem with this approach to handling invalid web probes?
I’ve been trying to trigger xss in a website with the following url
https://website.com/login/error?username_or_email=xyz%40gmai.com&redirect_after_login=%2wall
While trying different payloads with Burp Intruder, I noticed that v… Continue reading XSS Bruteforcing results in 500 internal server error
I have a simple code for an input model:
public class MyClass
{
[Required]
public MyEnum? Type { get; set; }
}
Now if I do not send Type as a part of json to the request, I get this error from Web.Api:
“The JSON value coul… Continue reading Does Asp.Net Core exposes too much information for required enums that were not supplied?
We are writing our first public API.
Now I remember hearing in the past that you shouldn’t give users useful error messages, that allows hackers to learn what your data is.
so if the get is
{
policyNumber: ’43’,
product: ‘car insuranc… Continue reading Secure error messages from public API
For input validation on a website, are there any security concerns with disclosing to the user exactly what characters are valid or invalid for a given field?
CWE-200: Information Exposure says one should try not to disclose information &q… Continue reading Is it a security vulnerability to tell a user what input characters are valid/invalid?
I am researching this bug here, where the first line of an arbitrary file can be leaked by triggering a SyntaxError using the compile() function.
Is there a method of leaking the rest of the file, such as similar to the way… Continue reading Leak multiple lines from file