OAuth native app without localhost redirect

Section 4.1 of RFC 8252 describes the OAuth authorization flow for native apps using the browser (i.e., external user-agent). In this flow, the native app receives the authorization code in step 4 by setting the redirect URI to the loopback IP. This, of course, requires the native app to open a port on the loopback interface and subjects us to attacks where other apps could get the authorization code (unless we use something like PKCE).

Our system is a client-server model where the clients are various custom command line tools with no real user interface. In our deployments, we can’t always guarantee that we will be able to open a port on the loopback (and we’d like to avoid the added security concerns that PKCE addresses). We would like to tweak the flow for our use case but want to make sure we aren’t leaving the door open for security issues. Here is the flow we’d like to use:

  1. Command line tool initiates intent to perform OAuth flow to Application Server.
  2. Application Server generates a random in progress session token and a separate random OAuth flow state value.
  3. Application Server stores both values in the database together.
  4. Application Server returns both values to the Command line tool.
  5. Command line tool launches the external user-agent (e.g., browser) and starts the authentication process against the Authorization Server using the OAuth state value provided by the Application Server.
  6. User authenticates.
  7. Authorization Server redirects to the Application Server along with the state value.
  8. Application Server retrieves authorization code and stores it in the database along with the in progress session token and OAuth state value.
  9. Command line tool submits the in progress session token to the application server.
  10. Application server retrieves the authorization code from the database and treats it as if the command line tool provided it.

Outside of the potential for DoS abuse on submitting lots of OAuth initiations and the potential for the command line tool to initiate step 9 before the application server has completed step 8, are there other security issues to be concerned with?
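The flow above, modelled as an added example (not the poster's code): a minimal in-memory stand-in for the Application Server with two dicts playing the database. It covers steps 2-4 (mint the session token and state, store them bound together), steps 7-8 (accept a code only for a state the server itself minted, once, before a time limit) and steps 9-10 (hand the code to the server-side caller exactly once, answering "pending" when the command line tool arrives before the callback). `AppServer`, `run_exchange`, the five-minute lifetime and the constructed codes are all assumptions of this example. Note that the session token is a bearer credential: whoever presents it first gets the code, so the tool-to-server channel needs the same protection you would give the code itself.

```python
import secrets
import time


class AppServer:
    """Constructed stand-in for the post's Application Server (example only).
    self._sessions / self._token_by_state play the database."""

    PENDING, READY, EXPIRED, INVALID = "pending", "ready", "expired", "invalid"

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._clock = clock
        self._ttl = ttl_seconds
        self._sessions = {}        # session_token -> {"state", "code", "created"}
        self._token_by_state = {}  # state -> session_token

    def start_flow(self):
        """Steps 2-4: mint a session token and an OAuth state, store them
        together and return both to the command line tool."""
        token = secrets.token_urlsafe(32)   # 256 bits each, URL-safe
        state = secrets.token_urlsafe(32)
        self._sessions[token] = {"state": state, "code": None, "created": self._clock()}
        self._token_by_state[state] = token
        return token, state

    def _drop(self, token):
        rec = self._sessions.pop(token, None)
        if rec:
            self._token_by_state.pop(rec["state"], None)

    def _expired(self, rec):
        return self._clock() - rec["created"] > self._ttl

    def authz_callback(self, state, code):
        """Steps 7-8: the Authorization Server redirects here with
        ?code=...&state=... . Only a state this server minted, still within
        its lifetime and not yet fulfilled, is accepted."""
        token = self._token_by_state.get(state)
        if token is None:
            return False                    # unknown or already consumed state
        rec = self._sessions[token]
        if self._expired(rec):
            self._drop(token)
            return False
        if rec["code"] is not None:
            return False                    # second delivery for the same state
        rec["code"] = code
        return True

    def redeem(self, token):
        """Steps 9-10: the command line tool presents its session token and the
        server looks up the stored code (which it then exchanges itself, as in
        step 10). The code is released exactly once; arriving before the
        callback yields PENDING, so the tool should retry rather than restart."""
        rec = self._sessions.get(token)
        if rec is None:
            return self.INVALID, None
        if self._expired(rec):
            self._drop(token)
            return self.EXPIRED, None
        if rec["code"] is None:
            return self.PENDING, None
        self._drop(token)
        return self.READY, rec["code"]


def run_exchange():
    """Walk the post's flow end to end with a constructed clock and a
    constructed Authorization Server; returns the outcome of each step."""
    now = [0.0]
    server = AppServer(ttl_seconds=300, clock=lambda: now[0])
    token, state = server.start_flow()                        # steps 1-4
    early = server.redeem(token)[0]                           # step 9 before step 8
    bad_state = server.authz_callback("other-state", "AUTHCODE-xyz")   # forged state
    server.authz_callback(state, "AUTHCODE-abc")              # step 7 (constructed code)
    status, code = server.redeem(token)                       # steps 9-10
    replay = server.redeem(token)[0]                          # token reused
    return early, bad_state, status, code, replay


if __name__ == "__main__":
    print(run_exchange())
```

Run it to see the sequence `pending`, rejected forged state, `ready` with the code, then `invalid` on the second use of the same session token; an expired pending session is dropped on its next use.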

How to migrate production WordPress to Localhost

I am trying to migrate a production WordPress site to a localhost install on macOS using MAMP Pro. What steps do I need to perform to enable this?

I have the database configured and connecting.

I am able to hit localhost:8888/readme.html and get served the WordPress readme from Apache.

Unfortunately, if I hit http://localhost:8888 or http://localhost:8888/index.php I get a 301 redirect to http://localhost. The port is dropped and nothing gets served.

I am unsure where this 301 is coming from and am currently blocked on this.
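A check for where a 301 like this originates, as an added example (not from the post): fetch the URL once without following redirects and look at two things in the response. WordPress's own redirects go through wp_redirect(), which since WordPress 5.1 adds an `X-Redirect-By: WordPress` header; if that header is present, the target is built from the `home`/`siteurl` options in wp_options (or WP_HOME/WP_SITEURL in wp-config.php), which for a MAMP install have to include the `:8888` port. If the header is absent, the redirect is coming from Apache (a Redirect/RewriteRule in .htaccess or the vhost) rather than from WordPress. The `probe`, `classify` and `diagnose` names and the 10-second timeout are this example's own.

```python
import urllib.error
import urllib.request
from urllib.parse import urlsplit

REDIRECTS = {301, 302, 303, 307, 308}


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Make urllib hand back the 3xx response instead of following it."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(url):
    """GET url once and return (status, headers) without following redirects."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=10) as resp:
            return resp.status, dict(resp.headers)
    except urllib.error.HTTPError as err:   # urllib raises for 3xx we refused to follow
        return err.code, dict(err.headers)


def classify(requested_url, status, headers):
    """Report whether the response is a redirect, whether it dropped the port
    of the requested URL, and whether WordPress itself issued it."""
    h = {k.lower(): v for k, v in headers.items()}
    if status not in REDIRECTS:
        return {"redirect": False, "location": None, "port_dropped": False, "by_wordpress": False}
    location = h.get("location", "")
    want, got = urlsplit(requested_url), urlsplit(location)
    port_dropped = (want.port is not None
                    and got.hostname == want.hostname
                    and got.port != want.port)
    return {
        "redirect": True,
        "location": location,
        "port_dropped": port_dropped,
        # wp_redirect() (WordPress 5.1+) tags its responses with this header;
        # without it the redirect did not pass through WordPress.
        "by_wordpress": h.get("x-redirect-by", "").lower() == "wordpress",
    }


def diagnose(url):
    status, headers = probe(url)
    return classify(url, status, headers)


if __name__ == "__main__":
    import sys
    print(diagnose(sys.argv[1] if len(sys.argv) > 1 else "http://localhost:8888/"))
```

`python3 diagnose.py http://localhost:8888/index.php` prints the verdict; `port_dropped` true with `by_wordpress` true points at the stored site URLs, with `by_wordpress` false at the Apache configuration.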

How to get a new mail alert notification popup for Postfix localhost mail in Ubuntu MATE 19.04

I have configured Postfix along with Mailutils to send and receive mails from localhost in Ubuntu MATE 19.04. I can read mails through terminal just fine.

Now how do I get new mail alert notification popups in system tray for incoming mails? Like upon a system boot and whenever new mail arrives afterwards. I’d like the notifications to stay there until dismissed. Many thanks.

Note: Just to be extra clear this setup is for “local only” mails.

Postfix version: 3.3.2-4; Mailutils version: 1:3.5-2build1
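One way to get such popups, as an added example that is not part of the post: a small watcher that polls the user's mbox (Postfix local delivery on Ubuntu appends to /var/mail/<user>, which is also what `$MAIL` points at), remembers which messages it has already announced, and calls libnotify's `notify-send` (package libnotify-bin) for each new one. On its first run after login every existing message counts as new, which gives the "alert at boot" behaviour. Assumptions of this example: that the MATE notification daemon honours `-u critical` by keeping the popup until dismissed, the five-second poll interval, and the `MailWatcher`, `notify_send` and `simulate_local_delivery` names; the messages in `simulate_local_delivery` are constructed test data, not real mail.

```python
import email.message
import hashlib
import mailbox
import os
import subprocess
import tempfile
import time
from email.header import decode_header, make_header


def _hdr(msg, name):
    """Decode an RFC 2047 header (e.g. a UTF-8 Subject) into plain text."""
    return str(make_header(decode_header(msg.get(name, ""))))


def _key(msg):
    """Identity of a message: its Message-ID, or a hash of a few headers when
    the sender set none, so deleting mail in the mbox does not confuse us."""
    mid = msg.get("Message-ID")
    if mid:
        return mid.strip()
    raw = "|".join(str(msg.get(h, "")) for h in ("From", "Date", "Subject"))
    return hashlib.sha256(raw.encode("utf-8", "replace")).hexdigest()


def notify_send(sender, subject):
    """Desktop popup via notify-send. Assumption: with '-u critical' the MATE
    notification daemon keeps the popup on screen until it is dismissed."""
    subprocess.run(
        ["notify-send", "-u", "critical", "New local mail",
         f"From: {sender}\nSubject: {subject}"],
        check=False,
    )


class MailWatcher:
    """Polls one mbox file and announces every message it has not seen yet."""

    def __init__(self, path=None, notifier=notify_send):
        self.path = path or os.environ.get("MAIL") or f"/var/mail/{os.environ.get('USER', '')}"
        self.notifier = notifier
        self._seen = set()
        self._sig = None            # (size, mtime_ns) of the mbox at last read

    def _changed(self):
        try:
            st = os.stat(self.path)
        except FileNotFoundError:   # no mail delivered yet
            return False
        sig = (st.st_size, st.st_mtime_ns)
        if sig == self._sig:
            return False
        self._sig = sig
        return True

    def check(self):
        """Return [(from, subject), ...] for unseen messages and notify for each.
        Only re-parses the mbox when its size or mtime changed."""
        if not self._changed():
            return []
        fresh = []
        box = mailbox.mbox(self.path, create=False)
        try:
            for msg in box:
                k = _key(msg)
                if k not in self._seen:
                    self._seen.add(k)
                    fresh.append((_hdr(msg, "From"), _hdr(msg, "Subject")))
        finally:
            box.close()
        for sender, subject in fresh:
            self.notifier(sender, subject)
        return fresh


def simulate_local_delivery():
    """Constructed demonstration (no Postfix involved): deliver two messages
    into a temporary mbox and return what check() reports after each step."""
    path = os.path.join(tempfile.mkdtemp(), "mbox")
    announced = []
    watcher = MailWatcher(path, notifier=lambda s, t: announced.append((s, t)))

    def deliver(mid, sender, subject):
        m = email.message.Message()
        m["From"], m["To"], m["Subject"], m["Message-ID"] = sender, "me@localhost", subject, mid
        m.set_payload("constructed test body\n")
        box = mailbox.mbox(path)
        box.add(m)
        box.close()

    results = [watcher.check()]                       # no mbox yet: nothing
    deliver("<1@localhost>", "root@localhost", "cron job output")
    results.append(watcher.check())                   # first alert
    results.append(watcher.check())                   # unchanged: no duplicate alert
    deliver("<2@localhost>", "alice@localhost", "hello")
    results.append(watcher.check())                   # only the new message
    return results, announced


if __name__ == "__main__":
    watcher = MailWatcher()
    while True:
        watcher.check()
        time.sleep(5)
```

To start it with the desktop session, put a `.desktop` file that runs the script into ~/.config/autostart (the XDG autostart directory MATE reads at login).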


Redirect an external IP to localhost?

Is it possible to redirect all calls to an external IP on the internet to localhost (without using the hosts file)?

I have an old application and I don’t have the source code, and this application tries to connect to a Postgres server using an IP.

Can I instruct Ubuntu to redirect all calls to this external IP to localhost?

In this way, I’ll be able to run a postgres server on localhost and work with my application.

Note: the application uses the IP, not DNS.

Localhost intercept not working for burp suite

I configured my Firefox proxy to send my PHP website traffic running on localhost to Burp Suite for intercept, but it's not intercepting anything. My Firefox and Burp Suite configurations are here. I've tried using a different port other than 8080, went to about:config and enabled localhost hijacking, but still it won't work. Days ago it was working fine but now it's not.