はてブログ

はてなブックマーク新着エントリーの過去ログサイトです。



タグ Tom Anthony

新着順 人気順 5 users 10 users 50 users 100 users 500 users 1000 users
 
(1 - 2 / 2件)
 

Zoom Security Exploit - Cracking private meeting passwords - Tom Anthony

2020/07/29 このエントリーをはてなブックマークに追加 10 users Instapaper Pocket Tweet Facebook Share Evernote Clip

Short version: Zoom meetings were default protected by a 6 digit numeric password, meaning 1 million maximum passwords. I discovered a vulnerability in the Zoom web client that allowed checking if a password is correct for a meeting, due to broken CSRF and no rate limiting. This enabled an attack... 続きを読む

Googlebot's Javascript random() function is deterministic - Tom Anthony

2018/02/07 このエントリーをはてなブックマークに追加 22 users Instapaper Pocket Tweet Facebook Share Evernote Clip

I was conducting some experiments on how Googlebot parses and renders Javascript, and I came across a couple of interesting things about the way it does so. The first is that Googlebot’s Math.random()... 続きを読む

 
(1 - 2 / 2件)