Archives
-
Old Cookies Die Hard
HTTP Cookies have always been an important part of authentication, and session management. But, ever since the session management grew complex, its correlation with security has gone for a toss. Developers pay a lot of attention on keeping the session(s) valid, and more so valid even after a successful logout. Now, this accounts to a [...]
Mar 19th, 2013 | Filed under HackingTags: application, browser, cookie, facebook, google, linkedin, outlook, owasp, session management, twitter, vulnerability, web, webserver, yahoo -
Facebook Spam
I could see lots of people publishing this content on my wall, so felt to give it a shot to analyze. The link that is spreading a lot is www.stump.ws/rdgct7s. After analyzing this link, in a non-Facebook session, here is what it resolves to – www.1119999977u7.info. This page further redirects to www.2220000099×9.info. This page looks [...]
Apr 19th, 2011 | Filed under Security -
Social Net – A Forbidden Fruit?
It’s the kind of evening that anyone would expect me to be sitting in office for a snacks time conversation. But today due to some power problems, we called the day off pretty early. I was feeling a little restless, so came out and walked into a Cafe Coffee Day (CCD) to have an Expresso. [...]