Collaborate Disseminate
I stumbled upon this abomination in the code base of a project I’m working on and wondered if it constitutes a security issue.
$requestUri = explode(‘?’, $_SERVER[‘REQUEST_URI’]);
$requestUri = explode(‘/’, $requestUri[0]);
array_shift($r… Continue reading Unserialize URI with PHP and nginx to gain RCE
In working on a vulnerable box, I found a field in a database table where one can insert php code. Based on this exploit:
https://www.exploit-db.com/exploits/24044
I tried to use this code to make a php webshell:
?php $cmd=$_GET[‘cmd’];sy… Continue reading Attempting remote code execution, why does this php webshell code fail with single quotes?
I have read many articles about the vulnerability in the program dependency, either direct or transitive.
Here are two questions come out of my mind.
If a dependency A has a vulnerability (Maybe has a CVE identifier) in one of its functio… Continue reading About vulnerability in the dependency
My friend gave me some files to decode, but seems like they are all encoded with ioncube, and i don’t have money to buy IonCube an just half the files are with me, so i can’t use the loader either because it gives me an error that somethin… Continue reading What is IonCube’s starting offset?
I am trying to secure access to a PHP page in a folder and only allow access to it from a specific IP Address and domain name but only on a specific port. I have seen a number of questions here but not including the PORT access.
I have add… Continue reading Allow access to folder only from specific IP Address (or domain) and Port using .htaccess
I have a vulnerable test site up that runs PHP.
How can an attacker identify that PHP is used?
if I type …/add.php the site gives back an error message, although the file is add.php.
If I type …/add the site runs.
Maybe I can inject co… Continue reading How can an attacker identify if a website is using PHP? How about the PHP version?
We are trying to develop a GENERIC WAF Rule for SQLI Prevention for WordPress-based websites that can provide some level of effectiveness with a very low probability of having false positives.
From my understanding I think we can provide s… Continue reading SQL Injection Prevention WAF Generic Rule for WordPress
This is a new system used by S3Bubble to stream video securely without viewers being able to download (https://s3bubble.com/documentation/aws-mediaconvert-drm-hls-with-statickey/). This a challenge they propose you I haven’t been able to c… Continue reading How S3Bubble hid or circumvented the passphrase to allow for undownloable streaming
This is a new system used by S3Bubble to stream video securely without viewers being able to download (https://s3bubble.com/documentation/aws-mediaconvert-drm-hls-with-statickey/). This is a challenge they propose you I haven’t been able t… Continue reading How S3Bubble hid or circumvented the passphrase to allow for undownloable streaming
What is the best alternative to encrypting data to use it in a cookie so that i can decrypt it later to validate the user data?
Currently saved: Login – Password and IP in an array and then encrypt it with the function.
is that safe?
$user… Continue reading Encrypt login and password in cookie to keep user logged in