Explore >> Select a destination
|
You are here 
|
blog.google | ||
| | | | |
business.safety.google
|
|
| | | | | When we create security solutions to keep our business services safer, we find opportunities to share it for everyones benefit. | |
| | | | |
eprint.iacr.org
|
|
| | | | | In spite of the use of standard web security measures (SSL/TLS), users enter sensitive information such as passwords into scam web sites. Such scam sites cause substantial damages to individuals and corporations. In this work, we analyze these attacks, and find they often exploit usability failures of browsers. We developed and describe TrustBar, a browser extension for improved secure identification indicators. Users can assign a name/logo to a secure site, presented by TrustBar when the browser present... | |
| | | | |
2019.www.torproject.org
|
|
| | | | | ||
| | | | |
blog.ikuamike.io
|
|
| | | Difficulty Release Date Author Intermediate 20 Aug 2019 Zayotic Summary For this box, some directory bruteforce is needed to discover some php files. One of the php files has an lfi vulnerability but can only be access by authenticating to the other page. The login form can be bypassed and we exploit the lfi. For that we poison ssh logs for exploitation to rce. For privilege escalation we exploit a python web app running locally as root using insecure deserialization of the cookie by jsonpickle. | ||
