Is it possible to inject a payload inside <a> tag such that the script runs without user interaction?
The injection is inside the href attribute. I can inject onmouseover or onclick attributes, but user interaction is required.
Th…
In my modsecurity auditlog there is a binary file logged as text:
How can I prevent modsecurity from bloating my logfiles with the content of binary files like that?
Recently, I saw some strange entries on my local-only webserver. The thing is I don’t know if the attack came from outside the network or from an infected machine. I have read up a little on the hnap attack, but I’m still unsure what to do…
Is there a watermarking scheme for images and audio that is:
Invisible – should be imperceptible for a human.
Non-invertable – cannot be removed by any means without the original.
Robust – in order to destroy the watermark you have to sp…
From reproducible-builds.org:
Reproducible builds are a set of software development practices that create a verifiable path from human readable source code to the binary code used by computers.
In general, it means that given the sam…
I’ve noticed that many services that offer 2 factor authentication have jumped from using four digits to six. However, it seems counterproductive to me because the digits are random, the digits (should) expire, and with six digits, you may…
I’m just beginning to learn about the init system, so I only know about the high level characteristics of both.
I have noticed a lot of fuss over systemd, even some people claiming that systemd was created to purposely introduce vunerabi…
I’ve asked the question Power-only USB connection to charge my phone – as simple as cutting the data lines? in electronics SE. In order to bypass the "Why do you want to do this?" request for clarification, I explained. Here is t…
While I am checking the fields of X.509 I’ve noticed there is field called public key parameter and its value is 05, what is the use of this field? I have searched and did not find a clear answer for that.
Here is context:
I am using PGP to encrypt messages in a chat web app. After going through some articles, I get brief idea how PGP works and here is how I am doing it with openPGPJs :
Client(web browser) generate the public/private key-pa…
