Top new questions this week:
|
I recently came across a php file on a compromised website that had what appeared (in Sublime Text) to be a huge white-space gap. When I run a diff against the original source file I can clearly see …
|
Thriller novelist here looking to get something right. I have a character who uses an alias. I have two scenarios I’m trying to have play out… At some point, they have sent emails from the same …
|
For the consumer of the API to send and receive, encrypt and decrypt into that same API, wouldn’t the client consumer also have to have the same public and private key as the server that provides the …
|
I’m learning about the Evil Twin and ARP Spoofing attacks performed by an attacker on the same WPA2-PSK protected wireless network and wanted to know which one would be more impactful since both of …
|
In a Python Metasploit module that I’m developing, I am trying to use CMD as one of the options: 'options': { 'RHOST': {'type': 'address', 'description': 'Target address', 'required': True, '…
|
I read about a concept that went something like “access equals authorization,” the idea being that there is something secured, and if someone manages to get into it, then they have proven …
|
I’m looking for the relevant CWEs for specific attacks against prompt-based language ML models, such as GPT-2, GPT-3 etc. Specifically: Prompt Injection: Amending prompts with malicious input to …
|
Greatest hits from previous weeks:
|
Maybe I have been negligent towards the verification of software I download over the Internet, but I (or anybody I ever met) have never tried to verify the checksum of the contents I download. And …
|
I want to block torrent traffic on my network because it is utilizing too much bandwidth and disrupting my network traffic. What port range should I use, and what protocol, TCP or UDP?
|
What is the difference between Federated Login and Single Sign On authentication methods?
|
There is a new big case of stolen login/password data in the news. At the same time, I am reading that there are services that let you check if your own login data is affected, e.g. Have I Been Pwned. …
|
How can I find out if files from my computer were written/copied/moved to a USB storage device? I want to know if there is a solution that would work in a system that has not got any monitoring/…
|
How accurate is this XKCD comic from August 10, 2011? I’ve always been an advocate of long rather than complex passwords, but most security people (at least the ones that I’ve talked to) are against …
|
I read some articles (article1, article2, article3, article4) about the Shellshock Bash bug (CVE-2014-6271 reported Sep 24, 2014) and have a general idea of what the vulnerability is and how it could …
|
Can you answer these questions?
|
While attempting OS Command Injection on a url.com/?ping= parameter, I see that all single quotes ' are being escaped and replaced by \\'. This is problematic because whenever you submit a value to ?…
|
<input type="hidden" id="test" name="test" value="alert(1)"> <script> document.test = test.value </script> When test.value gets evaluated I …
|
I was burning an ISO file onto the SD card with pi imager and I double-checked the hash before the burning and after and I got different results sha256sum kali-linux-2022.4-raspberry-pi-arm64.img.xz …
|