Collaborate Disseminate
Take this HTTP request as an example.
GET /directory/blahblah/ping%20interact.sh
Say this request receives any 3xx, 4xx, 5xx HTTP response code. Is it likely or even possible that a backend web server process this request and pings interac… Continue reading Command Injection in URLs. Are response codes foolproof indicator of true/false positive?
I have a DB that I would like to expose to end users for flexible search through their data. Currently using Elastic, but not tied to that: I can internally transform the data in any way to enable secure, flexible querying.
What I’m curiou… Continue reading Library to securely expose query language to end user?
I am a cybersecurity professional who is interested in researching the field of injectables.
Does a device exist, or can be made, that if plugged into a computer would instantly start attacking the computer to tear down password barriers a… Continue reading Can a USB stick be made to automatically hack a system?
Does anyone know how to access the server command line and execute commands remotely in OWASP Juice Shop?
Tried to find something with Burp Suite and I did not find any information on the Internet about this particulate matter.
Does anyone know how to access the server command line and execute commands remotely in OWASP Juice Shop?
Tried to find something with Burp Suite and I did not find any information on the Internet about this particulate matter.
I am attempting to inject a carriage-return + newline in a HTTP request header value. My understanding is that this is possible with HTTP/2 and HTTP/3. However, when I send a request with Burp I get this error:
RST_STREAM received with er… Continue reading CRLF in HTTP/2 header value
When I try to perform a DLL injection with ScyllaHide in x32/x64 dbg, then it crashes for some reason, is this a bug? Both with stealthy injection as with normal injection, the program crashes when I inject a DLL.
For example, when I injec… Continue reading ScyllaHide DLL Injection
can I retrieve metadata from a text that was sent to me? what about email? what about a closed website? if anyone can help, either extract it or read it, that would be great. The closed website belongs to me.
We wan’t to prevent attacks comming in from src attribute "javascript:" but still allow lnline script tags.
Currently the only option is to add sha-hash’s but there are too many inline scripts to do this.
Unfortunately we can’t m… Continue reading CSP: Allow inline scripts while blocking javascript: in iframe src
A few days ago I found a vulnerability in a site of scope using the Burp suite scanner with the command nslookup xxx.burpcolaborator.com exploit with the following feature:
Issue: OS command injection
Severity: High
Confidence: Certain
… Continue reading out-of-band data exfiltration Command Injection