All Questions
68 questions
0 votes
0 answers
2k views
How easy or difficult is it to exploit older SSL/TLS protocols?
Detection of outdated TLS/SSL protocols is one of the most common findings I have seen in many vulnerability scans and penetration testing reports. It is reported as a serious vulnerability too. ...
1 vote
1 answer
459 views
Received a strange text message. What is it? [closed]
This morning I received the following text message from a Gmail account: v3s5f3rs4f3gs3.nf5j4k8j4k3o.solar?G$1?V&?KL?O=$HO?&S?K0?$1T A couple of my friends got it too. I have an iPhone and it ...
1 vote
1 answer
480 views
How to exploit an open redirect vulnerability which must contain the original URL
Let's say I have the following URL: https://secure.sub.domain.com/?continue=https://sub.domain.com I found out that I can put anything I want before sub.domain.com in the continue parameter as long as ...
0 votes
1 answer
150 views
Attacking VPN server's outgoing connections
Due to increasing concerns about privacy online I recently started researching technologies that are supposed to hide our activities from unwanted watchers. I've been learning about the workings of VPN ...
0 votes
1 answer
1k views
Exploiting CVE-2020-0668 problem
I've been trying to get the mentioned security error working on my machine so I could fully understand how it works. I've been following those instructions: https://itm4n.github.io/cve-2020-0668-windows-...
0 votes
0 answers
495 views
What are the main differences between a covert timing channel and a covert storage channel?
I am trying to find the differences between a covert timing channel and a covert storage channel in terms of detectability, performance, features, and any other advantages and disadvantages. Is ...
81 votes
6 answers
21k views
Can malicious code fit in 14 bytes?
I was reading this The New York Times (NYT) article about the hack of Jeff Bezos's phone. The article states: The May 2018 message that contained the innocuous-seeming video file, with a tiny 14-...
2 votes
2 answers
1k views
What should I think about users with huge numbers of successful login attempts in a short period?
What to think about a user making thousands of successful login attempts over a short period? What are the dangers of such behavior and how to protect against them? A couple of examples of dangers ...
0 votes
1 answer
344 views
XSS: Character showing in DOM [closed]
I have created an HTML page that redirects the user to a test site that has an XSS vulnerability. I am able to successfully execute JavaScript via the vulnerability. However, I have found that some of the ...
0 votes
0 answers
285 views
Is a JIT compiler required for a JIT-ROP attack?
I have been studying up on the concept of Just-in-Time (JIT) ROP attack (https://cs.unc.edu/~fabian/papers/oakland2013.pdf), and came across this question which I have not been able to find the ...
1 vote
0 answers
128 views
How can this Authentication/Authorization flow be improved?
I am currently building a full stack web app mainly as part of an exercise. This app is made up of a back end on a server (written in Go), and a front end written in Angular (so on a user's browser). ...
80 votes
13 answers
28k views
Is divide-by-zero a security vulnerability?
Even though sometimes software bugs and vulnerabilities are deemed as the same concept, there must be at least one distinct aspect between them, and I think the most prominent one is exploitability (...
6 votes
3 answers
387 views
What is the (literally) lightest way to run a second secure system?
My goal is to have two separate systems where one is secure even if the second one is full of malware. My current approach is to have two separate laptops and the only way these two communicate with ...
1 vote
1 answer
743 views
ROP Attack: Force the program to manipulate an instruction as a gadget
I'm doing a basic exploitation test on a simple program with a few lines of code. I intend to exploit a buffer overflow vulnerability to perform a ROP attack. To gather the available gadgets I use ...
1 vote
2 answers
152 views
Does installing more programs result in higher chances of being exploited?
Theoretically, the answer could be yes since you increase the attack surface. However, I was wondering if in practice it really makes a difference. I am mostly worried about exploits for web facing ...