One Line of Code that Compromises Your Server



Forgive the click-bait title, but Jack Singleton really is talking about how
one line in a web-application configuration can hand the keys of a server to an
attacker. The line of code in question sets the key for signing and encrypting
cookies. In this first installment, Jack shows how it's surprisingly easy to
crack a poorly chosen key for this purpose, which is the first step that will
lead him to a shell on the server.




Published on March 30, 2017 06:22


Martin Fowler's Blog
