security

Spot the bug: Bad Escape

2023 Jul 19 #security


Hi! I wrote some Excellent Javascript that lets you change an image based on the funny little characters you type in the box at the bottom. I’ve vaguely heard of XSS, so I know that I should escape the characters, so I copied the escaping rules from Tera.

Namely, replacing &, <, >, ", \``, and /` with their associated HTML entities.

Your task is to call submitFlag with the string value <>. If you succeed, I will alert a fun message for you :)

Application Tokens - using tokens to not use passwords

2023 Jun 25 #security


I was looking at a tool to send matrix messages from the CLI, and it got me thinking about how we handle authentication for tools like this. I don’t want to give everything my password, especially if it doesn’t need permissions to do literally everything that I can do.

PoC Watermark Attack on Restic

2023 May 20 #security


First off, does this matter to you? No. No it doesn’t. Unless you’re backing up gigabytes of completely attacker controlled data, to an attacker controlled service, and need to ensure they don’t know you’re backing up said data, it Doesn’t Fucking Matter.

With that said, it’s a somewhat neat attack!

A watermarking attack is when an attacker who can get you to store an attacker-controlled piece of data can then detect the presence of that attacker controlled data. It’s not a huge deal, but is a concern if someone is able to inject a watermark into, say, copywritten or leaked content, and then automatically terminate the cloud storage/backup accounts of users that can be shown to have that data on their drive.