Infinite loop leads to denial of service in Centreon
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 1 July, 2020 - 00:00 edit
Centreon is a IT infrastructure monitoring tool, similar to Nagios. An infinite loop can be caused by changing a parameter that is used for the loop counter to a punctuation character, which is a denial-of-service vulnerability.
Značky: #Rozne
Overwriting HttpOnly cookies using cookie jar overflow
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 27 May, 2020 - 00:00 edit
Even though HttpOnly cookies cannot be read using JavaScript, it is still possible to overwrite HttpOnly cookies using JavaScript.
Značky: #Rôzne
Testing Android apps on a virtual machine
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 6 May, 2020 - 00:00 edit
A virtual machine running Android is useful when hacking Android apps. In this post I describe my experiences with setting up a virtual machine and intercepting traffic from Android apps.
Combine two word lists for cracking passwords
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 29 April, 2020 - 00:00 edit
To crack passwords, it is sometimes useful to combine word lists in a way that concatenates words from multiple lists. This article shows three ways to accomplish this.
Abusing javascript:history.back() as an open redirect
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 8 April, 2020 - 00:00 edit
Using
javascript:history.back()
on a page may introduce a kind of open redirect. The previous page may not belong to the application that contains the link, so a seemingly trusted link now points to another (untrusted) page. This may be usable in phishing attacks.
The struggle of perfectionism
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 25 March, 2020 - 00:00 edit
I am a perfectionist. This often helps me to deliver quality, but also gives me anxiety if things are not perfect, which happens to be always. In this post I share my experience with perfectionism, and some methods that help with the continuous struggle.
Bypass virus scanners by renaming files
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 11 March, 2020 - 00:00 edit
To prevent spreading viruses or malware, many web applications scan uploaded files using a virus scanner. Often, the virus scanner is started as another process, and the output is checked for the result. The output of the virus scanner also contains the filename, which makes it possible to influence the logic that checks for the result. This post describes some instances where virus scanning can be bypassed by naming the file a particular way.
How to open a Compal CH7465LG-ZG Ziggo Connect Box
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 19 February, 2020 - 00:00 edit
Ziggo (or UPC) is a cable company in Europe that offers internet over cable. One of the DOCSIS modems they offer is the Compal CH7465LG-ZG, or Ziggo Connectbox. This post describes where the screws are and to open the modem enclosure to get to the hardware.
The case for client-side hashing: logging passwords by mistake
pubsub.slavino.sk / sjoerdlangkemper · Wednesday, 12 February, 2020 - 00:00 edit
Hashing passwords makes it possible to use them for authentication, while making it hard to reconstruct the original password. Hashing passwords on the client may be beneficial: even though it does not protect against attackers, it does protect against accidental mistakes.