Tuesday, November 4th, 2008
About 10 years ago a friend of mine showed me an exploit. It was written in C and it tried to spawn a shell at a remote host. It seemed pretty cool. I did not understand the code but the mere idea that almost anybody equipped with a script like that could deface a webpage [...]
Posted in Featured, report | View Comments
Tuesday, September 2nd, 2008
There are two main ways to associate a session state with a user — session cookies and session URL parameters. However for public sites there may be some risks for the URL-based approach.
Cookies are saved on the computer and are only ever sent in requests to the domain that has saved them. They have always [...]
Posted in creative | View Comments