Похожие чаты

Hi mates I have recently started to study cyber security

and as I understood that strong server side validation is tough enemy for hackers, so which tools of encoding - obfuscation do they use to break server side validation? Surprisingly Google gives little information about it

8 ответов

18 просмотров

Obfuscation is not security

Nobody will willingly give you that information

Börke(МБорке)- Автор вопроса
Sharuzzaman Ahmat Raslan
Obfuscation is not security

Correct me if I am wrong but I used to think that obfuscation (methods or tools) are used for making the validation system confused so hackers can do request/response manipulation, no?

Börke(МБорке)
Correct me if I am wrong but I used to think that ...

No. Obfuscation is a way to hide something, but it is not encryption. ROT13 is an example of obfuscation. PGP keypair is encryption

Börke(МБорке)- Автор вопроса
Sharuzzaman Ahmat Raslan
No. Obfuscation is a way to hide something, but it...

Mate, then can you explain that how do hackers deal with server side validation ?(besides social engineering)

Börke(МБорке)
Mate, then can you explain that how do hackers dea...

Look for buffer overflows, look for SQL injection sites, look for timing attacks

Börke(МБорке)- Автор вопроса
Börke(МБорке)
Ok thx for the advice. Yes these are common attack...

You can also look for what parser they use to see if you can get it to do more creative things (lookup "the treachery of files" conference and the mag "POC || GTFO")

Похожие вопросы

Обсуждают сегодня

Господа, а что сейчас вообще с рынком труда на делфи происходит? Какова ситуация?
Rꙮman Yankꙮvsky
29
А вообще, что может смущать в самой Julia - бы сказал, что нет единого стандартного подхода по многим моментам, поэтому многое выглядит как "хаки" и произвол. Короче говоря, с...
Viktor G.
2
@Benzenoid can you tell me the easiest, and safest way to bu.y HEX now?
Živa Žena
20
This is a question from my wife who make a fortune with memes 😂😂 About the Migration and Tokens: 1. How will the old tokens be migrated to the new $LGCYX network? What is th...
🍿 °anton°
2
30500 за редактор? )
Владимир
47
а через ESC-код ?
Alexey Kulakov
29
What is the Dex situation? Agora team started with the Pnetwork for their dex which helped them both with integration. It’s completed but as you can see from the Pnetwork ann...
Ben
1
Гайс, вопрос для разносторонее развитых: читаю стрим с юарта, нада выделять с него фреймы с определенной структурой, если ли чо готовое, или долбаться с ринг буффером? нада у...
Vitaly
9
Anyone knows where there are some instructions or discort about failed bridge transactions ?
Jochem
21
@lozuk how do I get my phex copies of my ehex from a atomic wallet, to move to my rabby?
Justfrontin 👀
11
Карта сайта