Smashing the stack example3 ala Aleph One
c,security,pointers,stack-smash
The first, and very important, thing to note: all numbers and offsets are very compiler-dependent. Different compilers, and even the same compiler with different settings, can produce drastically different assemblies. For example, many compilers can (and will) remove buf2 because it's not used. They can also remove x = 0...
Is it considered bad practice to reference the Microsoft.AspNet.Identity in the service layer of a multi layered web application?
c#,asp.net,asp.net-mvc,security,asp.net-identity
Is it okay to set the Thread.CurrentPrincipal in the PostAuthenticationRequest method? Yes it is ok to assign Principal object (HttpContext.Current.User) to current thread. Is it okay to reference the using Microsoft.AspNet.Identity in my service layer? It is not a good practice, although you can access it. The reasons are...
Am I safe?? [trying to prevent sql injection] [duplicate]
php,mysql,security,laravel,pdo
The question is somewhat unanswerable (atleast not in a way that will not give you a false sense of security) with the amount of resource provided. Since you are using PDO I'll go right ahead and say that you ought to be using prepared statements. Injection on a whole primarily...
shared memory performance and protection from other processes
An alternative architecture you might consider is dynamic loading. Instead of 2 processes, you have just the first one; it uses dlopen() to load your newly compiled code. It calls the entry point of this "library", and the code has access to all the space including the persistant variables. On...
MYSQL Access Control
mysql,node.js,security,access-control,row-level-security
There are three approaches you could take: Do it within the app Do it between the app and the db, inside a db proxy Do it inside the database The first option wouldn't really qualify as row-level access control since the application logic is the one responsible for the filtering...
What are all the methods to delete local-storage data?
javascript,php,security,credentials,web-storage
I'm building a web app that uses HTML-local-storage to replace PHP sessions and cookies. Local storage is a solution aimed at replacing neither. Local storage is for storing data client-side. Cookies are for identifying clients at the HTTP level. PHP sessions are meant for storing data server-side, usually keyed...
Our OAuth2 implemention has security flaws
java,angularjs,security,oauth-2.0,hacking
You've successfully implemented a session hijack. This happens because sessions are based on tokens stored in the web page or cookies rather than IP addresses or something. This makes sense because IP addresses can be spoofed while a cryptographically secure session token is practically impossible to spoof. While you could...
Android how to handle sensitive data in memory
Please how do I prevent this from happening? I wear tin-foil hats on a professional basis (besides, I think they look spiffy...), and this is beyond what I normally worry about. I'd worry about making your HTTPS code won't be the victim of a Martian-in-the-middle (MITM) attack, as that's...
Role concept in the authorization
I would strongly suggest against implementing your own logic. Just search around in SO for many failed attempts. There are plenty of frameworks that let you do just the right level of access control you are looking for. Some are even mentioned in the comments. Have a look at: Spring...
Invalidate user credentials when password changes
asp.net,asp.net-mvc,security,asp.net-identity
Not immediately, it will take 30 minutes by default for old cookies to invalidate in asp.net Identity 2, asp.net identity doesn't check the database on every request for that, it has an interval, use SecurityStamp to change it, you can set it in Startup.Auth.cs, default is 30 minutes, set the...
server listens on 127.0.0.1, do I need firewall?
security,networking,localhost,firewall
127.0.0.1 is only for local computer "loopback". They are required to be dropped if they come from outside the local computer. So no firewall is required if the app is only listening on 127.0.0.1.
How sanitize and store user input, that contains HTML regex pattern in WordPress
php,html,wordpress,security,html-sanitizing
From the comments, it sounds like you are concerned about two separate issues (and possibly unaware of a third one that I will mention in a minute) and looking for one solution for both: SQL Injection and Cross-Site Scripting. You have to treat each one separately. I implore you to...
Is it possible for a user to modify site javascript in browser?
Security is a big topic in the web development world and it is important for you to determine how secure your web application should be. There are 3 parts for you to notice Frontend (the website) everything here is insecure, whatever shown on you in the browser could be changed...
Can I use plone.protect 3.0 with Plone 4.3?
forms,security,plone,csrf,plone-4.x
I have only a little experience with it and played around with plone.protect 3.x and Plone 4.3.2, but nothing serious. I had also a lot of addons installed, so I cannot say if there were problems with Plone itself, or an addon. Here are my notes: Yes you can enable...
Protect images download theory
javascript,html5,image,security
If a picture is displayed on someone's screen, there is no way you can avoid them to save it on their computer (even if you disable everything). Trying to obfuscate the images will only result in a loss of time, performance, and could make your website much less user-friendly....
AWS S3 The security of a signed URL as a hyperlink
security,hyperlink,amazon-s3,download
AWS Security Credentials are used when making API calls to AWS. They consist of two components: Access Key (eg AKIAISEMTXNOG4ABPC6Q): This is similar to a username. It is okay for people to see it. Secret Key: This is a long string of random characters that is a shared secret between...
What is HTTP Parameter Pollution attack in NodeJS/ExpressJs
javascript,node.js,security,express
What they say is that the mechanism of transforming a simple value parameter into an array parameter can be exploited. If you expect name to be a string: ?name=hello They can transform it into an array like this: ?name=hello1&name=hello2 You will not get a string but an array: [ "hello1",...
Better regex for security and auditing?
Both the regex in the question and answer look for variable assignment expressions; if you are only looking for the first assignment, this will complicate matters and you better - as @mario says - use the PHP_Parser. There are a lot of weird aspects with this regex. First of all...
Run Golang as www-data
Expanding on @JimB's answer: Use a process supervisor to run your application as a specific user (and handle restarts/crashes, log re-direction, etc). setuid and setgid are universally bad ideas for multi-threaded applications. Either use your OS' process manager (Upstart, systemd, sysvinit) or a standalone process manager (Supervisor, runit, monit, etc)....
Configure Apache web server to perform SSL authentication
linux,apache,security,ssl,xampp
Bitnami developer here, In XAMPP the SSL configuration is located at /opt/lampp/etc/extras/httpd-ssl.conf file, where there is a default VirtualHost already configured in port 443, and you are trying to bind again the same port. Please, try to modify this file instead. You can check if there is any other process...
What stops someone from forging a password reset link?
You should opt for a workflow like: Generate a new GUID, save it against the user account, call it PasswordResetToken The email you send should redirect the user to /[email protected]&resetToken=XXXXXXXXXXX You verify that the reset token exists for the user account specified Ask the user to enter a new password...
SMTP ports - SSL vs non-SSL
It may be possible to encrypt all traffic with SASL as they say, but the distinction is academic because PHPMailer doesn't support SASL for either authentication or any subsequent traffic, but does support SSL and TLS. So if you're using PHPMailer to send to them and you're not using SSL...
salt created by Java SecureRandom has different getBytes() value [duplicate]
Don't do that: String salt = new String(bytes); You are transforming a series of bytes into a string using the default encoding of the machine. You should keep the byte array as a byte array. If you store the data in a database you can store it in a binary...
How to restrict file copying shared using Content Provider in Android?
No, sorry. If you hand bytes over to a third-party app, that third-party app can do what it wants with those bytes. So only solution is to use some in-app pdf reader right? This will not completely stop people from copying your PDFs. However, it will limit attacks to those...
Using s3 in a healthcare application, private links
ruby-on-rails,security,amazon-s3,privacy
From the Documentation,you should use one of Amazon's "canned" ACLs. Amazon accepts the following canned ACLs: :private :public_read :public_read_write :authenticated_read :bucket_owner_read :bucket_owner_full_control You can specify a the ACL at bucket creation or later update a bucket. # at create time, defaults to :private when not specified bucket = s3.buckets.create('name', :acl...
Authorization Model: Context of Role?
security,authorization,claims-based-identity,abac,role-based-access-control
Actually, you should not attempt to implement a new authorization model. There is already a good model called attribute-based access control (or ABAC - see the SO tag abac and xacml). ABAC is an authorization model that: is defined by NIST, the National Institute of Standards and Technology, the very...
Risk of using a persitent XSRF-TOKEN cookie in Angular
javascript,angularjs,security,csrf
What are risks if I make the cookie persistent and manually set the X-XSRF-TOKEN HTTP header? The risk is that an attacker could eventually brute force the token value. The recommendation is to have a new CSRF token per session. If you make this persistent then a malicious site...
Unsure if website has been hacked with iframe
javascript,html,security,iframe
Oops! Turns out my domain provider (seperate to my web host) had enabled forwarding "with cloaking" and this caused my site to be shown in an iframe....
Forgotten password reset page: should the user need to enter a username/email as well?
security,user-management,forgot-password,reset-password
I don't see any value in doing this. Just make your key secure. Perhaps a 128-bit (that's 22 base 64 encoded characters) secure random. That seems large enough. Also add a timeout to the token life span. 24 hours seems a fine compromise between security and inconvenience. I like the...
Protect video from video from capturing
java,security,web,filesystems,system
I think that it is not possible to prevent user from video capturing. You can make it harder but you will never prevent user from capture screen of his computer. Even if you will control process list of computer (which i guess impossible or impossible for most users) You still...
PHP: Secure a Rest Service with a Token mixed with Timestamp
php,rest,security,amazon-web-services,token
After you've got token from the client you need to check two things: validity of the token and its timestamp. There are two scenarios: Make timestamp part of the token: function getToken($timestamp) { return $timestamp . encrypt(getPKey(), $timestamp); } $token = genToken(time()); And then validate it: $token = $_POST['token']; function...
What does “ModLoad” does in python code?
You may refer to this: modload It looks like that someone is debugging the python code in windbg. And the 'ModLoad' lines, together with others, are just the debugger output.
Does ajax increase or decrease security?
AJAX itself will not increase or decrease the security of your site, at least if its implementation is elaborate. The client (browser) will have turned JavaScript on or off. If it is turned on, there may be more insecurities on the client side, bis this won't affect your server and...
Generating an MD5 Hash with a char[]
java,security,hash,md5,message-digest
NOTE: The MD5 Hashing Algorithm should never be used for password storage, as it's hashes are easily cracked. However, I will use it for simplicity. The quick/easy/UNSECURE fix would be to convert the char array to a string. However, this is unsecure because strings are immutable and can't be cleared...
Placing secure data in Java web application
Using a servlet does not make anything secure by itself. You dont need a Java tool to connect, you can even use Telnet, any scripting language or create your own socket. Just use a download servlet from somewhere and at least Basic authentication ("information hiding" is no security aspect ;)....
zsh: no matches found: requests[security]
python,security,python-2.7,ssl,python-requests
zsh uses square brackets for globbing / pattern matching. That means that if you need to pass literal square brackets as an argument to a command, you either need to escape them or quote the argument like this: pip install 'requests[security]' If you want to disable globbing for the pip...
How can we create our own string encoding-decoding or encryption-decryption script in java without using any given library i.e. Base64, AES, etc?
java,security,encryption,encoding,cryptography
Maintaining a HashMap of Key(the value getting replaced) with a value(the value to be replaced) and just changing the string using a simple function will do. import java.util.HashMap; import java.util.Map.Entry; public class Encrypt { /** * @param args */ static HashMap<String, String> hm = new HashMap(); public static void main(String[]...
Is a site with html and javascript secure
It will most likely be safe as far as your files, but it can still be hacked if the server exposes some kind of scripts that you're not aware of and don't have any control over, or if it runs unpatched versions of OS/Web server/etc. If another hack happens and...
Authenticating plain text passwords against md5 hash in DB using Apache Shiro
Removing the below property made this work. I think for a MD5 hash we need not specify the below property. credentialsMatcher.hashIterations=1024 ...
Websocket (java ee) how to get role of current user
security,java-ee,websocket,wildfly
For this you will have to modify the Websocket handshake. You can do this as below: 1) Modify you websocket endpoint to use custom configurator @ServerEndpoint(value = "/someWSEndpoint", configurator = SomeCustomConfigurationClass.class) public class SomeWSService { ... } 2) Modify WS Handshake similar to public class SomeCustomConfigurationClass extends ServerEndpointConfig.Configurator { @Override...
Would delayed display of an email address be useful against email scrapers?
javascript,security,spam-prevention,email-spam
It entirely depends on the spambot. This could stop some spambots, but it wouldn't stop a scraper designed specifically to work around this defense. That's how arms races work. It would be pretty straightforward to build a bot that works around this defense you have in mind. You could use...
Mass Assignment Vulnerability
ruby-on-rails,security,ruby-on-rails-4,mass-assignment
First and foremost, this line num_users = A.where(:name => "NEW").count works fine with or without using mass-assignment. This is because where method do not assign data to a model record. On the other hand, it is rare to see a question with ruby-on-rails-4 and mass-assignment tags (there are only 7...
Wordpress: Changed HTTP to HTTPS, now security certificate error
After several hours of trying to fix this problem, I found a great youtube video. "Fix WordPress Site URL: General Settings Change, Cant Login" I will say how to fix this though in case anyone ever does what I did. You login to you CPanel>Databases>phpMyAdmin. Go to the database for...
How can we improve SSL handshake to increase the security?
security,ssl,encryption,server,cl
I'm not sure that you quite have this right. The connection is supposed to be: client <--> server The client knows that it's talking to the server due to the SSL handshake and validation of the server certificate. Your question is what would happen if: client // MiTM <--> server...
File security System in java? [on hold]
So to encrypt an aspect of the file you may want to gather it's bytes in an array*, That can either be done using the class Files from java or a stream to do it manually. For now lets say you got the byte array obtained using Files.readAllBytes(Path file); So...
JQuery Add expiration to authentication token stored with HTML5 localStorage?
php,jquery,mysql,security,authentication
The usual php session_start() method is fine to use over HTTPS, and I think it is best solution for you. Let the server handle the session for you. As SilverlightFox has pointed out, it's a good idea to use http only session cookies. Before you start your session use session_set_cookie_params...
RSA encryption in Android and Java
java,android,security,encryption,rsa
It looks like you've been undone by relying on defaults. Never do that if you hope for interoperability. Here are the two examples of mistakenly relying on defaults in your code that I've found. final Cipher cipher = Cipher.getInstance("RSA"); The tranformation string is supposed to be of the form "algorithm/mode/padding"...
Hashing passwords even when password is server-generated?
Security is something done in layers and each layer is designed to raise the cost of doing something you don't want them to. Do security guards prevent robberies? No, but they raise the cost of committing one to where most people won't bother. Hashes don't prevent people from hacking your...
Rsa algoritmn generates ? characteres in java
new String(encriptedSMS,"UTF-8") Your problem is here. encriptedSMS does not contain UTF-8 encoded text, so this is wrong. There is no correct way to "convert" a byte array into a String, unless the byte array contains encoded text (like you would get from someString.getBytes("UTF-8")). However, there are ways to encode a...
ensure I'm working with my software and not an imposter. Windows, Java, Hardware
java,windows,security,malware,integrity
Your best bet is to follow a standard procedure for this. In a nutshell, here's what you can do. On your machine: Place your code into a jar file Digitally sign jar file with a private key Distribute your public key to the code runner machine On code runner machine...
Why is this SQL injection 'sleep' attack an effective denial of service?
Not sure on the ettiquette here but I just wanted to mark this as solved with the help of PM77-1's comment here Basically the SLEEP(5) happens for every record since the conditional must be evaluated for each. In my test table, I only had one record, so I could not...
how to custom spring-security authentication process with my own mechanism
java,spring,security,spring-mvc,spring-security
First of all. Taking password from database from server side application is not vulnerable. Because if you can access the table data then there is no use of it. Wrong concepts - Spring security is not about returning result code from database. Its about authentication and authorization. You can enable...
Preventing brute-force login attempts [closed]
My team just tackled this exact same problem and, given how ultimately simple our solution was, it was a long road to get there. There are so many factors that need to be taken into consideration here, most of which you have already covered. Luckily for us, all the DDoS/DoS...
What does the security implications for default character set in mysqli_real_escape_string() means?
How SQL queries are parsed is dependent on the connection character set. If you did this query: $value = chr(0xE0) . chr(0x5C); mysql_query("SELECT '$value'"); then if the connection character set was Latin-1 MySQL would see the invalid: SELECT 'à\' whereas if the character set were Shift-JIS, the byte sequence 0xE0,0x5C...
Is secure to let access to ip-based blocked website to 127.0.0.1?
127.0.0.1 is simply your localhost. Allowing this IP simply says that you allow this machine (and only this if 127.0.0.1 is the only IP you whitelisted) to access the Network so no, there wouldn't be any issue with allowing access to your localhost so long as that machine itself isn't...
CakePHP - Controller testing failed because of Security component
security,unit-testing,cakephp,cakephp-3.0
That is to be expected, as you're not sending the necessary security token, which is what the security component requires. Just look at your generated form, it will contain hidden inputs for the _Token field, with the subkeys fields and unlocked, where fields will contain a hash and possibly the...
Spring Boot MVC non-role based security
java,security,spring-mvc,spring-boot
Maybe @PreAuthorize or @PostAuthorize will be enough for you, it depends what exactly u need. You can try sth like this: @PostAuthorize("returnObject.widget.owner.id == principal.id") public Widget getWidgetById(long id) { // ... return widget; } UPDATE: You can use Pre/Post Authroize since Spring Security 3.0 and as you said it provides...
ClickOnce, reflection and security
.net,security,clickonce,appdomain
I found the problem. This is the solution for anyone on my situation: I missed to set the domain permision: Dim permissions As New Security.PermissionSet(Security.Permissions.PermissionState.Unrestricted) Dim adSetup As New AppDomainSetup() adSetup.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory Dim dom As AppDomain = AppDomain.CreateDomain(Guid.NewGuid.ToString, AppDomain.CurrentDomain.Evidence, adSetup, permissions) ...
Android encryption and decryption of text fails
android,security,encryption,encryption-symmetric
The output type of Cipher#doFinal(byte[]) is byte[], but Arrays don't have a default way in which their contents are printed. By calling byte[].toString() on an array, you're simply printing its type and hash code. (More on this here) What you want is decrypted = new String(cipher2.doFinal(decodedBytes), "UTF-8"); which tells the...
How can I make a postgres role that has limited access, no insert update, but can do maintenance tasks like reindex and backups?
You can always wrap the command in a function. Run the function with its definer's privileges. Give execute privileges to someone else. Example: set role roleThatOwnsTable1; /* SECURITY DEFINER tells Postgres to run the function with the privileges of the role that defined the function, as opposed to the privileges...
Checking if the file is rar through its bytes
This is because you have just copied a function from somewhere for a different filetype and not every filetype has any notion of a "subheader". You only need to check the main header in the case of RAR. I also suggest modifying the naming of the variables, it is quite...
“Invalid use of a side-effecting operator 'OPEN SYMMETRIC KEY' within a function.” error while opening a symmetric key
sql-server,sql-server-2008,security,sql-server-2012,encryption-symmetric
There are several things you can do inside a procedure but can't do inside a function. Based on Ben Cull's blog, you can get around this limitation by creating a procedure that handles opening the keys and call that before using the function. The procedure: CREATE PROCEDURE OpenKeys AS BEGIN...
Hide sensitive information from git changes
What you probably are looking for is a filter. You set these up in your .gitattributes file to run one substitution upon adding a file to the staging area, and another substitution upon checkout: The image is from the .gitattributes section of the Git book, which has details on how...
Securing RTP packets without encrypting each packets
security,encryption,sip,voip,rtp
I believe some of your concerns are addressed in the following IETF Spec - https://tools.ietf.org/html/rfc7201 - Options for Securing RTP Sessions But IMO, there is a cost of security w.r.t processing and thats a given for the enhanced layer of protection. I haven't come across any other fancier ways other...
how to secure android-php-mysql connection
This may be overly simplistic answer, but couldn't you use SSL to encrypt the connection, and POST the keys? This way the POST data would not be visible to a sniffer, and 'outsiders' cannot make meaningful requests that will actually be processed by your script if they did know the...
Where can I configure groups like “stock.group_stock_user” with Open ERP?
Groups is the key role in Odoo (formally OpenERP) Security based on the user security group is the major role for implement any module for specifically user access. How to create the Group and update with the existing group in OpenERP : I am just updating the existing security Group...
PHP token security
There is no vulnerability inherent to using GET instead of, for example, POST from a network perspective. The only caveat you should keep in mind is that a GET request is more likely to be stored on the client (e.g. browser history) in a way you might not intend. For...
Docker for a one shot CLI application
linux,security,docker,workflow,bioinformatics
If users will be able to execute docker run then will be able to control host system just because they could map files from host to container and in container they always could be root if they could use docker run or docker exec. So users should not be able...
How to secure a controller on WebAPI for use by only the local machine
c#,security,asp.net-web-api,certificate
If you ONLY wanted to accept requests that originated from the same machine, you could check the IsLocal property of the request context MSDN. HttpRequest.Context.Request.IsLocal You could then build it into a custom authorize attribute and register it globally, enforcing the requirement on all of your Web API controllers. public...
Securing JWT tokens in a AJAX call
Yes, user may access JWT token on his browser - this is no different as with cookies. For the scenarios where user of B authorizes your application A to access the B on his behalf, there is no need to protect JWT token from the user himself - just from...
Creating My Symmetric Key in C#
c#,security,encryption,cryptography,aes
for symmetric encryption algorithms most often need a binary array as a key. It raises the following questions: how to get the binary data for the key? The key should be random. If it is not random, it is easier to figure out by others. Unfortunately, it is not that...
HTTP Basic authentication (Java / Jersey)
java,web-services,rest,security
That's because the basic authentication scheme is an implicit authentication scheme. Once authenticated, the browser will automatically include the credential on subsequent requests. The only way to prevent this is to open an anonymous session or close the browser. These authentication schemes are vulnerable to CSRF attacks. There are other...
Is client-side java intrinsically less secure than javascript?
It's not a matter of language. It's a matter of environment. Running Java applets on a web page currently involves using a Java plug-in, which takes a JVM that includes features to do all kinds of things we wouldn't want a web page to be able to do and runs...
iPhone Memory management for a deallocated password (Malloc Scribble in production?, fill with zeroes deallocated memory?)
ios,objective-c,iphone,c,security
I don't think that there's something that can be done on the build settings level. You can, however, apply some sort of memory scrubbing yourself by zeroing the memory (use memset with the pointer to your string).
Getting “format not a string literal and no format arguments” warning while using GTK+2
c,security,gcc,gtk,gcc-warning
The answer is quite simple. You have to add "%s" to the arguments of the gtk_message_dialog_new() function like this: static void show_message (gchar *message, GtkMessageType type) { GtkWidget *dialog = gtk_message_dialog_new(NULL, 0, type, GTK_BUTTONS_OK, "%s", message); gtk_dialog_run(GTK_DIALOG(dialog)); gtk_widget_destroy(dialog); } Basically, the lack of "%s" is considered non-secure by gcc. You...
Code fails for decrypting without salt or iv in Java
java,security,encryption,aes,password-encryption
You can decrypt the ciphertext in exercise 3.8 by using the simple ECB mode of AES, which does not use an IV. Since you have the key, there is no need for salt (there is no key derivation). Use AES 256 ECB mode in Java, and pass the key as...
How to secure configuration file containing database username and password
As @Darkbee stated, the simplest way is to have the file outside your website root. This would be accessible on the server, but not to the public under any circumstances. The alternative is to set the permissions to 400 on the file. .htaccess could block access, but not blocking access...
How create a custom response when spring-security receives null credentials (username and password)?
spring,security,spring-security,basic-authentication,postman
Use the standard exception of spring security, it will handle by itself if you already have an exception handler to transform the messages into Json response. catch (Exception exception) { throw new AuthenticationCredentialsNotFoundException("Fields must not be empty", exception); } ...
Headers for security
You definitely don't want to put them in HTML using <meta> tags, as JavaScript can just remove them, and (correct) browsers will ignore them. You need to set them as HTTP response headers on the server, and this depends on your server / framework. You also don't want to do...
phantomjs --web-security=no
Maybe. Allowing cross domain XHR opens up a few attacks. E.g. see http://stackoverflow.com/a/7615287/841830. See also Is CORS a secure way to do cross-domain AJAX requests? But this tends not to come up with the normal use cases for Phantom: whether you are testing your own web site, or screen-scraping, you...
NDK application Signature Check
java,android,security,android-ndk,digital-signature
I will try to answer your first question here: Signature of your application is stored in the DEX(Dalvik executable) file of your APK. DEX files have following structure: Header Data section(contains strings, code instructions, fields, etc) Arrays of method identifiers, class identifiers, etc So, this is the beginning of the...
X509Certificate: what is the difference between getIssuerDN() and getSubjectDN() methods
java,security,authentication,x509
This methods reads from two different fields in certificate. It may returns the same result in your case but not in common. Please refer to getIssuerDN() and getSubjectDN()....
When a security update is applied as a patch, does the product name change?
No, the installed OS name will not change as the result of a patch. Only an OS upgrade/reinstall does that (and service packs change the service pack level).
User process can't see global shared memory created by service
c++,windows,security,winapi,memory-mapped-files
Your service is closing its handle to the file mapping immediately after creating it, thus the mapping is being destroyed before the app has a chance to open its handle to the mapping. Your service needs to leave its handle to the mapping open, at least until after the app...
What damage can a website do?
The main risk is encountering a drive-by download. A drive-by download isn't necessarily a file download in the usual sense, it could be a browser exploit that allows executable code to download and execute on your system (known as the payload). One example is the Microsoft Internet Explorer colspan Element...
Trojan(Simple Client-Server in C)
c,security,firewall,virus,trojan
Avira : AMES is using the Avira engine for virus detection. If the Avira engine is not able to detect a virus, then the most likely cause could be that this virus is brand new and cannot be detected yet. We would greatly appreciate if you submit the suspicious file...
PHP shell input sanitizing
You're on the right track. You can use [^0-9a-f] instead of [^0-9a-z] to prevent someone from passing a non-hexadecimal character. $arg = preg_replace('/[^0-9a-f]/', '', $arg); if (strlen($arg) === 40) { // We have a SHA-1 hash shell_exec("git checkout {$arg}"); } In general cases, escapeshellarg() is what you want to use,...
iptables put all forwarding rules in prerouting
linux,security,networking,firewall,iptables
If a packet does not match any rules in your PREROUTING chain, there is nothing to prevent it from hitting your FORWARD chain, unless you set the default PREROUTING policy to DROP. Packets only go to the INPUT chain if their destination address is an address that belongs to a...
Reverse ^ operator for decryption
c,algorithm,security,math,encryption
This is not a power operator. It is the XOR operator. The thing that you notice for the XOR operator is that x ^ k ^ k == x. That means that your encryption function is already the decryption function when called with the same key and the ciphertext instead...
SAML service provider signature verification
security,single-sign-on,saml,pingfederate
From a very high level, yes, your three steps are correct. More specific: 1 will include decoding the base64 encoded response, checking against schema, etc. 2 will be done via signature validation, checking the authority, seeing if it's a response to a sent AuthnRequest and matching it, etc. 3 comes...
Which layer of an application should keep security logic (permissions, authorization)?
security,business-logic,n-tier-architecture
I think the answer to this question is complex and worth a bit of thought early on. Here are some guidelines. The service layer is a good place for: Is a page public or only open to registered users? Does this page require a user of a specific role? Authentication...
Django user login through api [duplicate]
django,security,django-rest-framework
Keep in mind using a Django form will only allow you to use SessionAuthentication under DRF - more notes here. Short of it is to use the Django LoginViews when creating login pages, and the notes on using CSRF tokens if you do use Session Auth with DRF. http://www.django-rest-framework.org/api-guide/authentication/#sessionauthentication How...
Client side password hash versus plain text
security,hash,passwords,client,password-hash
Most websites will send the password plain-text over an encrypted connection SSL/HTTPS. Hashing the password client-side can be done, but the advantage is small and often client-side languages (JavaScrypt) are slow so you can calculate less rounds in the same time, what weakens the hash. In every case the server...
How is rails CSRF generated token useful?
Let's say you want to hack your friends paypal account and make him buy you something. You can make an email that will tell him click on this button to get a free cookie. Your friend being fooled by the email will click the button. If you make this button...
Spring boot security with 3 fields authentication and custom login form
spring,security,spring-security,spring-boot
Actually i manage to find a solution to my issue. I added successHandler on successfulAuthentication was missing ! And a failureHandler too on unsuccessfulAuthentication methods. Here is my new Authentication filter : public class TwoFactorAuthenticationFilter extends UsernamePasswordAuthenticationFilter { private static final String LOGIN_SUCCESS_URL = "{0}/bleamcards/{1}/home"; private static final String LOGIN_ERROR_URL...