PC master race! Console peasants :3! Rabble rabble rabble rabble! Jokes aside, there has been some non-PC gaming as well this year, and I reckon it warrants its own post. I’ll cover this in three sections: Switch, mobile, and other.
New Year's Eve is just around the corner, so why not summarise the gaming that happened in 2018 :)! In total I acquired about 50 games, of which I’ve played 15. Once again Humble Bundle is responsible for the sheer numbers, with F2P games (~10) coming in second. Most games have been launched at least, though […]
Why have free time when you can keep tinkering with stuff? Blog is updated, theme is changed (not sure what I think of Twenty Nineteen yet…), and we’re ready for 2019!
This post will walk you through how to set up the basics needed to do web app pentesting. More specifically, we’ll be setting up a web browser for pointing and clicking, an attack proxy for hackety hacking – all while covering the configuration needed.
CVE-2018-6324 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6324 Summary: Upon a successful login, the application redirects the user to a user-controlled destination. A victim user may not recognise that a redirection takes place, as they expect to be sent to a new page. Vendor Description: F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows you to identify […]
> Is your address really street”/><script>doStuff();</script>? Cross-Site Scripting attacks are tremendously prevalent, which I find surprising because it is an easy problem to detect and to remediate. There are even a lot of decent mitigation alternatives out there as well. What is Cross-Site Scripting (or XSS, if you prefer)? Cross-Site Scripting occurs whenever someone else […]
> Hello, I’m user number fiftysev…. Fiftyeight. Insecure Direct Object References are a type of authorization issue, where a user can access information (objects) which they are not supposed to. For example, imagine a bank application where you can view your personal info via: example.com/users/profile.php?id=57 Now, what does “57” refer to? Probably some kind of reference […]