Category: security

0

Common upload flaws

If a remote web server let you upload and execute scripts so this is beginning to turn turn bad. Here are some common upload flaws: extensions blacklist double extensions MIME type Null Byte Extensi

0

Hardened Tor Browser with Selfrando

6 June 2016, the Tor Project announced a hardened version of Tor Browser: 6.5a1-hardened. Here some links: Download page for hardened builds (only avaible for Linux at this time). Distribution direct

0

Hide AES-256 encrypted zip file in a JPEG image

This how-to was made for Linux user. The user will need p7zip, exiv2 and optionally exif, exiftool, unzip. Create an AES-256 encrypted zip file# 7z (p7zip for Linux) can produce zip-format archives wi

0

Pastejacking vs clipboard hijacking

Clipboard hijacking# It as been possible for a long time to use css (-9999px position trick) to append malicious content to the clipboard. Users doesn't notice anything and may execute unwanted comman

0

c99.php : A backdoored backdoor

C99 is a PHP webshell. Attackers uploads it on web server in order to get information and above all execute commands with web user privileges (ex: www-data). This webshell is protected by a customizab