tampering

C++ How To Read First Couple Bytes Of Function? (32 bit Machine)

我只是一个虾纸丫 提交于 2020-01-15 06:38:13
问题 Let's say I have a function like this (completely random, I just wrote it up in like 30 seconds for an example) bool exampleAuthetnication(char *a, char *b) { bool didAuthenticate = false; if(strcmp(a, b) == 0) { didAuthenticate = true; } if(didAuthenticate) { return true; } else { stopExecutable(); return false; } } How would I go about reading the first few bytes of this function? I've come up with this int functionByteArray[10]; for (int i = 0; i < 10; i++) { functionByteArray[i] = *(int*)

Rails 3 ActiveRecordStore session_id tampering

时光毁灭记忆、已成空白 提交于 2019-12-21 05:24:31
问题 I am co-developing a simple web app in Rails 3.0.9 and I have realized that there is a possible session_id tampering possible via malicious request. Mind the fact, that this is my first RoR application, so I could be totally wrong in my conceptions. Current application functionality requires sessions so I turned to ActiveRecordStore session storage, installed it and started testing in primitive workflows. I noticed that Rails framework creates cookie with the name _session_id and value of

Validator skipped when input is removed in client – is this as per JSF specification?

依然范特西╮ 提交于 2019-12-17 16:22:39
问题 I have a page with an input text component marked as required="true" and having a custom Validator in server side. Now as a client, I submit the page without the HTML element rendered by that component (this can be easily achieved by removing the element from the DOM tree using browser's builtin DOM element inspector). The form is successfully submitted, without the server side validation of this required component. Is this as per JSF specification? Is there a way to specify that the

How to tamper with source IP address on Windows

那年仲夏 提交于 2019-12-11 15:29:09
问题 We meet a testing scenario which needs to tamper with source IP address of a Http request to simulate clients coming from different countries . Do you know any tool help on this? Last but not least, our web site is built with ASP.NET. Thanks. 回答1: As noted in answers to the ServerFault question "Are IP addresses trivial to forge", you cannot easily forge source addresses in a protocol that required two way communication (e.g. TCP). Note that this "two way communication" is required at the

asp.net forms authentication ticket tampered but still works

喜夏-厌秋 提交于 2019-12-11 07:25:18
问题 I generate a forms auth ticket with some user data, encrypt and send it to my client all using the standard .net Api. Everything works except for one small problem. If i replace the 0 in the auth ticket with an alphabet between G and Z (caps), it still works - it decrypts fine and i get all my userdata and everything from the auth ticket. This is not supposed to happen right? Even a small change in the auth ticket should make the decryption not work right? Any other change would ensure that

How “tamper proof” is the $_SERVER variable in php?

主宰稳场 提交于 2019-12-10 12:54:58
问题 Would I be taking a big security risk by trusting the content of the $_SERVER variable array to get the name of php file using $_SERVER['PHP_SELF']? 回答1: Many but not all of the $_SERVER variables are attacker controlled. For instance $_SERVER['SCRIPT_NAME'] is safe where as $_SEVER['PHP_SELF'] is a vary dangerous variable and is often the source of xss: <?php echo $_SEVER['PHP_SELF']; ?> PoC: http://localhost/self.php/<script>alert(/xss/)</script> It is easy to see this vulnerability in

Pass data from page to page safely

大兔子大兔子 提交于 2019-12-08 08:42:02
问题 I am looking forward for a method to pass data from page to page safely and avoid as It's possible the tampering. The best way to solve it, is to save the sensitive data on db server. Or using session persist on db server. Or whatever method that persists data on db server. The fact is because of performance I wouldn't like to use such methods. I don't know if the following is a safe way, but I would like to test it.( but i don't know if it is possible) I would like to save the sensitive data

sniffing and tampering requests and responses of web sites, how prevent?

我只是一个虾纸丫 提交于 2019-12-08 08:03:28
问题 i am working on security and other stuff about my web sites. in my country online payments work like paypal. mean you should pass some parameters such as Amount,MerchantID,ReturnURL,ResNum(OrderID) by post method to bank and bank will pass some parameters such as MID,Status,ResNum to you after payment. during this requests and responses somebody can use the software below to sniff and tamper: http://www.fiddler2.com/fiddler2/ please see this video: http://www.fiddler2.com/fiddler/help/video/

sniffing and tampering requests and responses of web sites, how prevent?

你说的曾经没有我的故事 提交于 2019-12-06 16:28:26
i am working on security and other stuff about my web sites. in my country online payments work like paypal. mean you should pass some parameters such as Amount,MerchantID,ReturnURL,ResNum(OrderID) by post method to bank and bank will pass some parameters such as MID,Status,ResNum to you after payment. during this requests and responses somebody can use the software below to sniff and tamper: http://www.fiddler2.com/fiddler2/ please see this video: http://www.fiddler2.com/fiddler/help/video/ i test it and it also works on https by using a certificate. wow... how can i prevent this sniffing and

Prevent audit table tampering

泄露秘密 提交于 2019-12-06 03:42:48
问题 We have audit table in our database. Records to this table are done using triggers. Currently, there is nothing that prevents user to log on to database server, open table from management studio and change data in audit table. What are possible mechanisms that can prevent (or at least detect) cases of audit data tampering? I'm thinking of adding one column in audit table which should contain some hash calculated based on values that are entered in that row. However, since audit is done using
订阅 tampering