gzip – WindowsTechs.com

How do I decode/decompress a DNS exfiltration attempt?

Posted on March 17, 2024 by kntxspeeder

I’m analysing a DNS exfiltration attempt and I’m having trouble decoding/decompressing what data was being attempted to exfiltrate. (the information is not confidential)
The DNS queries are as follows:
b’H4sICN3l1GUAA3Bhc3N3ZACNV9tyozgQfc9… Continue reading How do I decode/decompress a DNS exfiltration attempt?→

CRIME like attack and locality of randomized data

Posted on June 9, 2023 by Skary

I am not an information security expert (just a developer) and recently discovered this kind of vulnerability, and have a few questions (so sorry if I misinterpreted something about how the attack works).
In the product I am developing whe… Continue reading CRIME like attack and locality of randomized data→

Non readable text values in the Burp http requests and responses

Posted on April 14, 2022 by Supraja

I am intercepting the android app’s traffic and there is this weird content seen on the HTTP request and response body. The request is actually sending an image file(.jpg) and this weird content is seen below in the request body. The respo… Continue reading Non readable text values in the Burp http requests and responses→

To avoid BREACH, can we use gzip on non-token responses?

Posted on October 31, 2017 by Nathan Long

I work on a site that has a web interface an an API. I’m trying to determine if we can safely use gzip, or if that will open us to BREACH.

The site says:

If you have an HTTP response body that meets all the following con… Continue reading To avoid BREACH, can we use gzip on non-token responses?→

Brotli compression algorithm and BREACH attack

Posted on October 26, 2017 by seyyed heydar javadi

I spent a lot of time on BREACH attack implementations. In theory, Brotli compression, like other compressions that use lzz7 family algorithms, must be vulnerable to the BREACH attack.

Experiences and tests that I did on a t… Continue reading Brotli compression algorithm and BREACH attack→

Are there valid reasons for compressed files (zip, gzip, etc.) to spoof file size?

Posted on February 3, 2017 by Tarka

Zip files, GZip files, and likely others, include information about the contained file, including the uncompressed size of the file. However, when extracting these files the number is meaningless as the actual data can be muc… Continue reading Are there valid reasons for compressed files (zip, gzip, etc.) to spoof file size?→

Is gzipping content via TLS allowed?

Posted on October 6, 2015 by Florian Schneider

So I have these few compression directives at http level in nginx:

gzip on;
gzip_http_version 1.1;
gzip_vary on;

I read that this should be avoided because of CRIME/BREACH attack, is this correct?

Continue reading Is gzipping content via TLS allowed?→