All Questions
37 questions
5 votes
2 answers
889 views
Turing-completeness impact on system security
I always find in many papers discussing different kinds of system security subjects that the authors are always trying to highlight the danger of some vulnerabilities by assuming an attacker, by exploiting ...
-3 votes
1 answer
136 views
Most resource intensive assembly instructions? [closed]
Assuming I want to overload a server which is running some kind of web-app or gaming server, what is the best way for me to figure out which usage of legitimate features on the web-app or gaming ...
0 votes
1 answer
215 views
Can an Android phone harm a Windows network?
Is it a security issue if someone is able to log in to a Windows domain through an Android phone with admin credentials through something like ES File Explorer? I read that usually Androids can't run ...
1 vote
0 answers
777 views
DMZ with Reverse Proxy for both Web and Email servers
I have both a web server and an email server. Instead of placing these two "public" servers in the DMZ, I was going to place a reverse proxy in the DMZ. For the web server: Firewall accepts port ...
0 votes
0 answers
691 views
Firewall source and destination IP validation
For an external firewall interface, why is it a good idea to validate that the source IP address was initiated from an internal IP, or why it originated from an external IP? If, hypothetically, the ...
2 votes
1 answer
760 views
Man in the Middle attack?
In a scenario where I have a gateway to the Internet and a switch (layer 2) connected to this gateway. I have two computers in the same broadcast domain connected to the switch. All traffic to the ...
109 votes
5 answers
23k views
Can simply decompressing a JPEG image trigger an exploit?
The novel Daemon is frequently praised for being realistic in its portrayal rather than just mashing buzzwords. However, this struck me as unrealistic: Gragg's e-mail contained a poisoned JPEG of ...
3 votes
0 answers
185 views
Case Studies of high profile hacks [closed]
Every hack happens because of a form of security vulnerability or another, and I feel that the best way to avoid/fix these vulnerabilities is to learn about them. Is there anywhere on the internet ...
1 vote
1 answer
588 views
Worst-case scenario of open URL redirection and why Google is not covering it in bug bounty
Open URL redirection, in my opinion, can prove very dangerous by crafting attacks such as phishing. But it seems like Google thinks of it as a very low-level bug and does not provide any ...
0 votes
1 answer
471 views
Fuzzdb detected as Trojans [closed]
I recently downloaded fuzzdb from http://code.google.com/p/fuzzdb/ and my antivirus kept on detecting some of the files as Trojans. I need to know if these files are safe?
13 votes
2 answers
5k views
Zlib DEFLATE decompression bomb
Can you give me an example of a short data string that, when decompressed using Zlib's DEFLATE method, expands to something much much longer? More precisely: what is the nastiest decompression bomb ...
11 votes
2 answers
17k views
NX bit: does it protect the stack?
I once heard the NX bit was a panacea, then that it was not. One detail I've wondered about though: Does the NX (no execute) bit protect against code inserted into the stack and executed there? It ...
6 votes
2 answers
12k views
XSS when <, > and " are escaped?
I'm pentesting a website that has a reflected XSS, or at least a vector for a reflection, but the issue is the following: It escapes <, >, " to their HTML entities, but not &, ) or (. You ...
8 votes
7 answers
5k views
What does it actually mean when someone says their website is hacked?
I have seen many people say that their website has been hacked using some vulnerability. I never fully understood what this means. To me the only way to get control of a website is to get the FTP details....
75 votes
3 answers
178k views
How to exploit HTTP Methods
Many security scanners like nikto, nessus, nmap, and w3af sometimes show that certain HTTP Methods like HEAD, GET, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, etc are vulnerable to attack. What do ...