In the administration of Advanced iFrame I came across the following:
“Please do not use a different protocol for the iframe: Do not mix HTTP and HTTPS if possible!”.
What does this mean? If the protocol of my page is HTTP, then use an HTTP page inside the iframe. If the protocol of my page is HTTPS, then use an HTTPS page inside the iframe.
I have a Docker container connected to a VPN, but sometimes I need to open a URL in a browser for debugging.
I cannot run the VPN on my host machine for security reasons. Specifically, I want to open the URL on my host machine and intercept the request with Burp Suite. I already tried some “python proxy servers” from GitHub to start a proxy on my Docker machine and connect my host to it, without success.
Has someone done something similar? Any ideas?
PS: sorry for my English. 🙂
Is it correct that there are various ways that an HTTP client can authenticate itself with an HTTP server?
Are the following such ways?
authorization header: for various authorization protocols (e.g. basic, digest, …)
digital certificates: as used in HTTPS.
specifying user names and passwords in the HTTP request’s message body, by applying the HTTP POST method to form data
Are they used individually or together? Are they used for the same or different purposes? When is each way used?
In the second way, are digital certificates specified in some HTTP request header(s)? (In curl, it is specified via
In the third way, when specifying user names and passwords in the HTTP request’s message body, are they encrypted? Does the server know how to decrypt them?
I’ve read How to exploit HTTP Methods:
OPTIONS – this is a diagnostic method, which returns a message useful mainly for debugging and the like. This message basically reports, unsurprisingly, which HTTP methods are active on the web server. In reality, this is rarely used nowadays for legitimate purposes, but it does grant a potential attacker a little bit of help: it can be considered a shortcut to find another hole.
Now, this by itself is not really a vulnerability; but since there is no real use for it, it just adds to your attack surface, and ideally should be disabled. NOTE: Despite the above, the OPTIONS method IS used for several legitimate purposes nowadays; for example, some REST APIs require an OPTIONS request, CORS requires pre-flight requests, and so on. So there definitely are scenarios wherein OPTIONS should be enabled, but the default should still be “disabled unless required”.
This post is a bit old now. What’s the situation today with the OPTIONS method? Most of the scans show it as a vulnerability. Is it really dangerous?
I have no choice but to use OPTIONS for some of my apps. What can I do to secure it?
I am wondering if the “/todo1” part of the below URL
curl https://someserver:5000/todo1 -d "data=Remember the milk" -X PUT
gets encrypted over TLS/HTTPS, or is the full URL that you’re sending your request to visible to a man in the middle?
I have a REST API exposed to the Internet and another application with form-based authentication.
These apps are behind a Web Application Firewall.
The question is, where should I implement the secure HTTP headers below: at the WAF or at the code level?
X-XSS-Protection, X-Frame-Options, X-Content-Type-Options, X-Permitted-Cross-Domain-Policies, HTTP Strict Transport Security, HTTP Public Key Pinning, Content Security Policy, Referrer Policy, Feature-Policy
So, I have Google Alerts set for a few words, and one of these alerts had a link to the site “chatsosedi.ru”, which I opened. I found out the site isn’t HTTPS. I clicked on it before realizing. Is it safe, and what can I do to secure my email and phone now? Thanks
I found the following strange HTTP request apparently emanating from binaryedge.ninja:
min-li-ustx-12-13-65991-x-prod.binaryedge.ninja - - [05/Jan/2020:07:18:48 -0500] "GET / HTTP/1.0" 302 212 "-" "-"
min-extra-grab-108-ustx-prod.binaryedge.ninja - - [05/Jan/2020:07:18:52 -0500] "GET / HTTP/1.0" 302 212 "-" "-"
min-extra-grab-108-ustx-prod.binaryedge.ninja - - [05/Jan/2020:07:18:54 -0500] "HELP" 400 226 "-" "-"
min-extra-grab-108-ustx-prod.binaryedge.ninja - - [05/Jan/2020:07:18:54 -0500] "\x1b\x84\xd5\xb0]\xf4\xc4\x93\xc50\xc2X\x8c\xda\xb1\xd7\xac\xafn\x1d\xe1\x1e\x1a3*\x85\xb7\x1d'\xb1\xc9k\xbf\xf0\xbc" 400 226 "-" "-"
min-extra-grab-108-ustx-prod.binaryedge.ninja - - [05/Jan/2020:07:18:56 -0500] "\x16\x03\x01" 400 226 "-" "-"
min-extra-grab-108-ustx-prod.binaryedge.ninja - - [05/Jan/2020:07:18:58 -0500] "\xbd\xff\x9e\xffE\xff\x9e\xff\xbd\xff\x9e\xff\xa4\xff\x86\xff\xc4\xff\xbe\xff\xc7\xff\xdb\xff\xee\xffx\d9\xff\xed\xff\xa4\xff\x9d\xff\xcf\xff\xd8\xff\xe5\xff\x04\xff\x12\xff0\xff\xb1\xff\xbd\xff\xe7\xff\xe2\xff\xdd\xff\xdc\xff\xde\xff\xc8\xff\xcc\xff\xbe\xff\xf8\xff&\xff\x01\xff\x0f\xff\xf5\xff\x06\xff\xff\xff\xf7\xff!\xff\xde\xff\x02\xff&\xff\x0c\xff\x01\xff\xf5\xff" 400 226 "-" "-"
Looking around the web, I see similar log messages in other publicly visible web logs, and one suggesting some connection to Gh0st.
Does anyone have any idea what this is, and why this company would appear to be attacking my server and others?
I was intercepting some HTTP POST requests while doing some pentests for the company I work for, and I found this POST request:
I ran this through several hashing sites to see if it was a simple MD5 or SHA1, but no luck.
Some backstory: this was from some authentication via an Inductive Automation app.
I’m trying to brute force the login on my domain using THC Hydra v9.1-dev. It is using an ASP.NET form, and some of the required POST body parameters contain a colon (:) in them, which is the separator used by Hydra. An example parameter:
This makes Hydra think that I have _ctl0 as the first part and Placeholder as the error message.
URL encoding them, e.g. this becomes:
: with a
- placing the parameter in quotation marks
but none of them worked and I can’t seem to find a way to change the separator.
Any help is much appreciated!