Collaborate Disseminate
For input validation on a website, are there any security concerns with disclosing to the user exactly what characters are valid or invalid for a given field?
CWE-200: Information Exposure says one should try not to disclose information &q… Continue reading Is it a security vulnerability to tell a user what input characters are valid/invalid?
I am researching this bug here, where the first line of an arbitrary file can be leaked by triggering a SyntaxError using the compile() function.
Is there a method of leaking the rest of the file, such as similar to the way… Continue reading Leak multiple lines from file
I’m trying to execute pickle shell-code through a download function on a website but I get the following error:
<html>
<h1>ERROR: Cannot load file</h1>
<!–
Traceback (most recent call last):
File “/… Continue reading Pickle Shellcode Import Error
Error and exception handling in web applications can introduce security issues, often in the form of denial of service (i.e., when a service crashes because of poor error handling) and information disclosure (i.e., when an ex… Continue reading Exception handling in multi-tier applications
Let’s assume there is a website with an API that supports the following REST call in which authenticated user Alice can send registered user Bob a message to his cell phone which he registered on our site (hypothetically spe… Continue reading Sensitive data enumeration via HTTP error codes
While performing a SQLi test I’ve received HTTP response codes 406 and 302 from the server but don’t see anything changing on the web page.
Are these responses an indication that the application is vulnerable to SQLi?
Thank… Continue reading Do HTTP response codes 406 and 302 while performing SQLi indicate a vulnerability?
Let’s say I’m using several crypto functions from a 3rd party lib and those crypto functions should never fail because my code, and not a user, is sending all the arguments (buffers, sizes, etc..) so if the function fails it’… Continue reading Should I return meaningful error code in case of internal error?
Just tried a port scan against a cloudflare protected website:
nmap -sV –version-intensity 9 –top-ports 2500 -v –script banner –data-length 0 -n <ip address here> -Pn -T2 -sT
I get a lot of this as a result:
It turns out that I have an application that when I insert a simple quote the following appears to me:
httpStatus”:400,”errorCode”:”BAD_QUERY_PARAMETER”,”message”:”java.lang.NumberFormatException: For input string: \”‘\””,”implementationD… Continue reading Is this vulnerable to Sql Injection?
I have a debate about how to properly log errors for the client part (Java Swing) of a client-server application from a security point of view.
I think it is common sense that exposing error details like exceptions and stacktraces to ‘unt… Continue reading Logging error details in a (desktop) client application