Hack3rScr0lls

2020-10-17 14:23:12 How to find the way?

Using other hosts as a gateway, sometimes, you can get access to other VLANs, bypass firewalls, and find unauthorized routes to the Internet.

That is a task for gateway-finder!

It finds hosts with enabled IP forwarding by sending ICMP/TCP packets using other hosts in the network as a gateway.

Check gateway-finder-imp by @whitel1st.

It improves the original tool with:
> List of IP addresses for scanning
> Support for custom TCP ports
> Nice color output

github.com/whitel1st/gateway-finder-imp

#Pentest #Network #VLAN Open / Comment

2020-10-17 14:22:47 Open / Comment

2020-10-11 17:02:09 SameSite is already here

Were you surprised when your cross-domain attack didn't work? Meet the new reality with SameSite Cookies.

From August Chrome update:
Cookies that do not specify a SameSite attribute will be treated as if they specified SameSite=Lax.

Now Chrome and Safari recognize Cookies without the SameSite attribute as SameSite=Lax by default.

Remind you about SameSite attribute values:

Samesite=Lax
Allows the cookie to be sent on some cross-site requests.
[top-level navigation+GET/HEAD)

Samesite=Strict
Never allows the cookie to be sent on a cross-site request. Only when the user types the website in the URL bar and presses enter.

Samesite=None
Cookies will be sent in all contexts (like before)

You will not be able to exploit the following vulnerabilities in Chrome and Safari without SameSite=None:
> CSRF
> CORS misconfiguration
> XSLeaks
> XSS via POST
> Cross-Site Script Inclusion
> Clickjacking
> JSONP leaks
> WebSocket Hijacking

#Web #Cookies #SameSite Open / Comment

2020-10-11 17:01:51 Open / Comment