DREHSEC IT Security&Research

RFC3966: Parsing phone numbers is hard :D

  • Christopher Bleckmann-Dreher

Dec 17, 2022

Did you know you can hide your payloads in phone numbers? ☎️😱
RFC3966 specifies parameters for valid phone numbers that can contain characters. @securinti discovered that popular libraries are vulnerable and that it can lead to XSS and even ATO!🔥 #BugBountyTips #NahamCon2022EU pic.twitter.com/tNUVyZu7Oz

— INTIGRITI (@intigriti) December 17, 2022
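
A defensive handling of the point in the tweet, as an added example that is not from the original post or from any library it refers to: RFC 3966 lets a `tel:` value carry `;name=value` parameters (such as `;ext=`, `;isub=` and `;phone-context=`) after the digits, so a "valid phone number" is not necessarily digits only. The function names, the reject-all-parameters policy and the minimum length of 7 digits are assumptions of this sketch, and the sample inputs in the comments are constructed.

```python
import html
import re

# RFC 3966 global number: "+" then digits and the visual separators - . ( )
_GLOBAL_NUMBER = re.compile(r"\+[0-9\-.()]*[0-9][0-9\-.()]*")
# E.164 allows at most 15 digits; the lower bound of 7 is an assumption.
_E164 = re.compile(r"\+[1-9][0-9]{6,14}")


def split_tel(value):
    """Split input into (number, [(pname, pvalue), ...]) on RFC 3966's ';' separator."""
    value = value.strip()
    if value.lower().startswith("tel:"):
        value = value[4:]
    number, *raw_params = value.split(";")
    params = []
    for raw in raw_params:
        name, _, val = raw.partition("=")
        params.append((name.lower(), val))
    return number, params


def to_e164(value):
    """Return the canonical '+digits' form or raise ValueError.

    Parameters are rejected outright instead of being stored or echoed,
    because they are the part of the value that can carry free-form text.
    """
    number, params = split_tel(value)
    if params:
        raise ValueError("tel parameters not accepted: "
                         + ", ".join(name for name, _ in params))
    if not _GLOBAL_NUMBER.fullmatch(number):
        raise ValueError("not an RFC 3966 global number")
    digits = "+" + re.sub(r"[^0-9]", "", number)
    if not _E164.fullmatch(digits):
        raise ValueError("not a plausible E.164 number")
    return digits


def render_phone(value):
    """Emit only the canonical form, and still HTML-escape at the output boundary."""
    safe = html.escape(to_e164(value), quote=True)
    return '<a href="tel:{0}">{0}</a>'.format(safe)

# Constructed inputs: "tel:+1-201-555-0123" canonicalizes to "+12015550123";
# "+12015550123;ext=<b>x</b>" is refused because it carries a parameter.
```
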

IT Outsourcing it almost never works

That's my personal opinion, which I collected over almost two decades of all kinds of weird IT stories. The following story also makes me believe that Microsoft chose a shady supplier for some support tasks. I can't believe it. My official Microsoft Store Windows 10 Pro key wouldn't activate. Support couldn't help
Mar 16, 2023

Good and cheap VPS'es

As a security guy, I like to explore the Internetz. Therefore, having a system with good connectivity and sufficient resources is key. Over the years I tested a lot. For some of the short-lived tasks, I just start an instance on AWS, Linode or DigitalOcean. All have their pros and
Feb 11, 2023 2 min read
Welcome 2023 with lots of memes

Hi guys, new year, world is still collapsing. So, as this trend is going on and so many weird things are happening on a daily basis, I think it's time to spread some love/hate with more memes. Thankfully, https://github.com/jacebrowning provides a very feature-rich meme generator. https:
Jan 2, 2023 1 min read