你见过的最糟糕的安全漏洞是什么?为了保护罪犯,限制细节可能是个好主意。
不管怎样,这里有一个关于如果你发现了安全漏洞该怎么办的问题,还有一个关于如果公司(似乎)没有回应该怎么办的问题。
你见过的最糟糕的安全漏洞是什么?为了保护罪犯,限制细节可能是个好主意。
不管怎样,这里有一个关于如果你发现了安全漏洞该怎么办的问题,还有一个关于如果公司(似乎)没有回应该怎么办的问题。
当前回答
Right at the start of the .com era, I was working for a large retailer overseas. We watched with great interest as our competitors launched an online store months before us. Of course, we went to try it out... and quickly realized that our shopping carts were getting mixed up. After playing with the query string a bit, we realized we could hijack each other's sessions. With good timing, you could change the delivery address but leave the payment method alone... all that after having filled the cart with your favorite items.
其他回答
当我使用Colloquy (IRC)时,密码字段会弹出,但我仍然在主屏幕上集中,所以当我按下enter键时,全世界都知道我的密码,而我却没有意识到。
社会工程:
<Cthon98> hey, if you type in your pw, it will show as stars
<Cthon98> ********* see!
<AzureDiamond> hunter2
<AzureDiamond> doesnt look like stars to me
<Cthon98> <AzureDiamond> *******
<Cthon98> thats what I see
<AzureDiamond> oh, really?
<Cthon98> Absolutely
<AzureDiamond> you can go hunter2 my hunter2-ing hunter2
<AzureDiamond> haha, does that look funny to you?
<Cthon98> lol, yes. See, when YOU type hunter2, it shows to us as *******
<AzureDiamond> thats neat, I didnt know IRC did that
<Cthon98> yep, no matter how many times you type hunter2, it will show to us as *******
<AzureDiamond> awesome!
<AzureDiamond> wait, how do you know my pw?
<Cthon98> er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
<AzureDiamond> oh, ok.
从bash.org
有许多网站使用代理文件来传送图像或其他文件。没有检查路径的有效性。
So.
getfile.php ?文件 =../../../../ 等/ passwd
or
Getfile.php ?file=../index.php(包含所有密码的纯文本)
令人惊讶的是,还有很多网站仍然存在这个缺陷。getfile.php只需要谷歌,你就可以轻松地打开盒子了。
一位同学曾经不小心把密码发到了推特上……那是个很严重的安全漏洞。
旧的IBM System 36哑终端有一个开始录制宏的键盘组合。因此,当终端未登录时,您可以开始录制宏并将其留在该位置。下次有人登录时,击键将被记录在宏中,当记录最多允许的键时,记录将自动结束。稍后回来并重放宏以自动登录。