You are here: eapolsniper.github.io

tashian.com
The story of a major hash table vulnerability, and how it took a decade to uncover and resolve.

myers.io
Every so often I see posts on Stack Exchange or Hacker News where someone has figured out that their passwords are being sent to the server and the server can see them! The logic that we see is that if the password is hashed client side, then only the hash needs to be sent to the server, so the server never knows the password. Unfortunately, I sometimes even see this go one step further when people suggest that with this arrangement, HTTPS isn't required. Wrong.

royvanrijn.com
Today I've been looking into rainbow tables. These are tables used to do a reverse lookup for a hash function. For example MD5, or Windows LAN Manager. Usual...

honeypot.net
I received an email from Slack on Thursday, 2022-08-04: We're writing to let you know about a bug we recently discovered and fixed in Slack's Shared Invite Link functionality. This feature allows users with the proper permissions to create a link that will allow anyone to join your Slack workspace; it is an alternative to inviting people one-by-one via email to become workspace members. You are receiving this email because one or more members of your workspace created and/or revoked one of these links fo...