TransWikia.com
  1. All Categories
  2. Information Security

Information Security : Recent Questions and Answers (Page 10)

Find answers to your questions about Information Security or help others by answering their Information Security questions.

Full disk encryption and remote unlocking a mail server in the hand of a possible attacker, what could go wrong?

Since I cannot receive email directly from my home server, I need an external device to receive messages for me and deliver them to my MTA via another port or...

Asked on 10/28/2021

1 answer

Using GPG as password manager

I want to use GPG as a master password storage (encrypt and push to online storage). This would require encrypted file being able to be decrypted on multiple machines.Two computers...

Asked on 10/28/2021

1 answer

Is it safe to embed a google form on a website without an SSL Certificate?

I designed a Google Form for a website which does not have an SSL Certificate. I have planned to embed it onto a page using an iframe tag. I am...

Asked on 10/28/2021 by Vtex

0 answer

Arp poisoning doesn’t work with HTTPS navigation

I’m trying to do an ARP poisoning attack in my LAN. I use Ettercap and I place my attacker computer between my routers and target Windows computer. Despite the target...

Asked on 10/28/2021 by user13105993

1 answer

What allows meterpreter to migrate processes and how to defend against it?

I mainly use Linux so I'm not well-versed on how Windows and its privileges work. I've recently learned to use Metasploit and meterpreter on Windows boxes.Previous researchThis answer has...

Asked on 10/28/2021

2 answer

PHP Blind XXE Exploitation: Invalid URI in Entity

When attempting to exploit blind XXE as explained in this article, I got an error in my apache logs: PHP Warning: DOMDocument::loadXML(): Invalid URI: http://192.168.6.1/82a3ccab632c in...

Asked on 10/28/2021 by user3207874

1 answer

Can a website keylog you outside a virtual machine

I came across a suspicious website called keylog.me (you can already tell from the name). I was as curious as heck to find out what it does, so I got...

Asked on 10/28/2021 by cppiscool

3 answer

Why is the use of TAB (%09) characters in the middle a 'javascript:' URL valid?

Some context: I was assinged on a pentest and found an application that let me place my own links in an a tag's href attribute. As expected, all strange values...

Asked on 10/28/2021 by Paradoxis

2 answer

Is revealing the phone number during OTP verification process considered a vulnerability?

One of the common way of implementing 2FA is using phone number Text message or Call with OTP. As I can see, usually web services show something like:OTP was...

Asked on 10/28/2021 by MyUserName

6 answer

What questions are useful to scope a mobile app pen test?

When arranging a pen test it's common practice to ask the client a set of questions, and use the answers either as the basis for further discussions, or to directly...

Asked on 10/28/2021

1 answer

Ask a Question

Get help from others!

Recent Answers

Recent Questions

Tags

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP