Most Popular
40 votes, 3 answers
Unable to understand why the web app is vulnerable to a Directory traversal attack
I was working with this web-app, when someone pen-tested it and sent me a huge report that says my app is vulnerable to a Directory traversal attack.
Here is one sample:
Testing Path: http://127.0.0.1:80/??/etc/issue <- VULNERABLE!
I put…
Batman
40 votes, 2 answers
What is protection ring -1?
Due to the Lenovo firmware ThinkPwn bug I'm trying to understand privileges and rings.
If the kernel is Ring 0 and SMM (System Management Mode) is Ring -2, what could be in between that is Ring -1?
Thomas Weller
40 votes, 3 answers
How does JTI prevent a JWT from being replayed?
According to the JWT RFC a JWT can optionally have a JTI which I interpret to be a unique ID for a JWT. It seems like a UUID is a good value for a JTI. The RFC claims that the JTI can be used to prevent the JWT from being replayed. Two…
ams
40 votes, 1 answer
What cookie attacks are possible between computers in related DNS domains (*.example.com)?
Here, several servers in the same DNS domain emit cookies under a variety of settings (scope, HTTPS, Secure) and another host emits a cookie with the same value.
Example
Suppose a user has the following cookie set at secure.example.com:
authCookie…
makerofthings7
40 votes, 4 answers
HSTS on a subdomain with includeSubdomains
Suppose that my site is located at foo.example.com and I send the following HTTP header when visitors access my site using HTTPS:
Strict-Transport-Security: max-age=31536000; includeSubDomains
Would the HSTS policy have any effect on domains…
rink.attendant.6
39 votes, 2 answers
Is it safe to send SSL certificates via email?
I just ordered a cheap Comodo PositiveSSL Certificate via a UK reseller, and I was rather surprised to find that the following files were emailed to me automatically, in a zip file:
Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA…
halfer
39 votes, 6 answers
Secure Session Cookies
While looking up methods for creating secure session cookies I came across this publication: A Secure Cookie Protocol. It proposes the following formula for a session cookie:
cookie = user | expiration | data_k | mac
where
| denotes…
Uyghur Lives Matter
39 votes, 2 answers
How bad is it to truncate a hash?
I'm wondering how bad it is to truncate a SHA1 and only compare, say, the first 10/12 bytes, etc.
I'm working with a fixed length of 8 bytes that I need to hash for uniqueness but store with the smallest footprint possible (8 other bytes would be…
Agnar
39 votes, 5 answers
SSL root certificate optional?
I may have been under the wrong impression on how servers should be set up and what certificates actually get sent over during the server hello certificate message. I came across this today from Symantec/VeriSign:
Root installed on the server. For…
user53029
39 votes, 8 answers
Who is responsible for the strength of users' passwords?
Who is responsible for a user's password strength? Is it us (developers, architects, etc.) or the user?
As a web developer, I've frequently wondered whether I should enforce a minimal password strength on my websites'/applications' users.
I…
Michal M
39 votes, 2 answers
How to get MAC address via IP
I have an IP address of a computer which I am currently away from, and I need the MAC address.
How do I get the MAC address if I only have the IP?
Allen
39 votes, 3 answers
How can a webpage get the MAC address?
I was logged on to my router and filling out some information. I clicked a button and a field was automatically filled in with my computer's MAC address. How is this possible? Does it present a security risk?
I'm connected through VPN and my…
Celeritas
39 votes, 2 answers
What are the main vulnerabilities of TLS v1.1?
What are the main vulnerabilities of TLS v1.1? Actually, no RFC describes v1.1 vulnerabilities, nor what pushed them to change to the new protocol 1.2, except the description given in section 1.2 of RFC 5246.
Please note that I do not mean…
melostap
39 votes, 8 answers
Where can I learn cryptography/cryptanalysis the hard way, without going to school? Any good book?
I'm not so bad at mathematics:
I know what p-lists and p-combinations are, I know matrix algebra, I know what a XOR is, I know how to tell if a number is prime, etc.: I'm not the programmer who hates math because he is bad at it, but I don't have a…
jokoon
39 votes, 5 answers
Security of an initial redirection from http://example.com to https://example.com
Suppose that http://example.com/ systematically redirects to https://example.com/. I enter http://example.com in my browser's URL bar, and I see a page load and the URL bar now displays exactly https://example.com/ (no Unicode hack, no…
Gilles 'SO- stop being evil'