<!DOCTYPE html>
<html lang="en" dir="ltr"
xmlns:content="http://purl.org/rss/1.0/modules/content/"
xmlns:dc="http://purl.org/dc/terms/"
xmlns:foaf="http://xmlns.com/foaf/0.1/"
xmlns:og="http://ogp.me/ns#"
xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
xmlns:sioc="http://rdfs.org/sioc/ns#"
xmlns:sioct="http://rdfs.org/sioc/types#"
xmlns:skos="http://www.w3.org/2004/02/skos/core#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema#">
<head>
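<!-- Document metadata. The charset declaration stays first so the parser sees it before any other content. -->
<meta charset="utf-8" />
<link rel="shortcut icon" href="sites/all/themes/responsive_blog/favicon.ico" type="image/vnd.microsoft.icon" />
<!-- maximum-scale is not set: capping the zoom level stops readers from enlarging the page. -->
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="alternate" type="application/rss+xml" title="AVULN Blog RSS" href="rss.xml" />
<!-- The Generator meta ("Drupal 7 (http://drupal.org)") is left out on purpose: it discloses the CMS and its major version to every client, and the page needs it for nothing. -->
<title>AVULN Blog</title>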
<!--
  Stylesheets, in the same cascade order as before, written as link elements.
  The Drupal core sheets (modules/...) are fetched from https://blog.avuln.com;
  the contrib, library and theme sheets come from this copy's own sites/all/ tree.
  NOTE(review): the page is only styled as intended while that origin stays
  reachable and serves the same files.
-->
<!-- Drupal core: system -->
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/system/system.base.css?pp62ig" />
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/system/system.menus.css?pp62ig" />
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/system/system.messages.css?pp62ig" />
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/system/system.theme.css?pp62ig" />
<!-- Drupal core modules, then Views -->
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/comment/comment.css?pp62ig" />
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/field/theme/field.css?pp62ig" />
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/node/node.css?pp62ig" />
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/search/search.css?pp62ig" />
<link rel="stylesheet" media="all" href="https://blog.avuln.com/modules/user/user.css?pp62ig" />
<link rel="stylesheet" media="all" href="sites/all/modules/views/css/views.css%3Fpp62ig.css" />
<!-- ctools and the SyntaxHighlighter library -->
<link rel="stylesheet" media="all" href="sites/all/modules/ctools/css/ctools.css%3Fpp62ig.css" />
<link rel="stylesheet" media="all" href="sites/all/libraries/syntaxhighlighter_3.0.83/styles/shCore.css%3Fpp62ig.css" />
<link rel="stylesheet" media="all" href="sites/all/libraries/syntaxhighlighter_3.0.83/styles/shThemeDefault.css%3Fpp62ig.css" />
<!-- responsive_blog theme -->
<link rel="stylesheet" media="all" href="sites/all/themes/responsive_blog/style.css%3Fpp62ig.css" />
<link rel="stylesheet" media="all" href="sites/all/themes/responsive_blog/css/avuln.css%3Fpp62ig.css" />
<link rel="stylesheet" media="all" href="sites/all/themes/responsive_blog/font-awesome-4.3.0/css/font-awesome.min.css%3Fpp62ig.css" />
<!--
  Blocking scripts, in dependency order: jquery.js has to run before jquery.once.js
  and drupal.js, and all three before the inline block that calls jQuery.extend on
  Drupal.settings.
  NOTE(review): the first three are fetched from https://blog.avuln.com with no
  integrity attribute, so whatever that origin serves runs with full access to this
  page; serve local copies or pin them with Subresource Integrity. The v=1.4.4 query
  string suggests a very old jQuery release; confirm and plan an upgrade.
-->
<script src="https://blog.avuln.com/misc/jquery.js?v=1.4.4"></script>
<script src="https://blog.avuln.com/misc/jquery.once.js?v=1.2"></script>
<script src="https://blog.avuln.com/misc/drupal.js?pp62ig"></script>
<!-- Local copies: SyntaxHighlighter core and PHP brush, then the theme's own scripts. -->
<script src="sites/all/libraries/syntaxhighlighter_3.0.83/scripts/shCore.js%3Fpp62ig"></script>
<script src="sites/all/libraries/syntaxhighlighter_3.0.83/scripts/shBrushPhp.js%3Fpp62ig"></script>
<script src="sites/all/themes/responsive_blog/js/jquery.cycle.all.min.js%3Fpp62ig"></script>
<script src="sites/all/themes/responsive_blog/js/slide.js%3Fpp62ig"></script>
<script src="sites/all/themes/responsive_blog/js/main-menu.js%3Fpp62ig"></script>
<script src="sites/all/themes/responsive_blog/js/pngfix.min.js%3Fpp62ig"></script>
<script>
<!--//--><![CDATA[//><!--
// Merges this page's settings into Drupal.settings: the base path, the path prefix,
// and ajaxPageState, which names the active theme and lists the JS and CSS files
// recorded for the page.
// NOTE(review): theme_token is whatever value was issued when this copy was saved;
// presumably stale in a static snapshot. Confirm nothing relies on it.
jQuery.extend(Drupal.settings, {
  "basePath": "\/",
  "pathPrefix": "",
  "ajaxPageState": {
    "theme": "responsive_blog",
    "theme_token": "eTN7HsYJ3AduPPy4dtNlkozB2QTHFbURUmEixfdwWHM",
    "js": {
      "sites\/all\/modules\/syntaxhighlighter\/syntaxhighlighter.min.js": 1,
      "misc\/jquery.js": 1,
      "misc\/jquery.once.js": 1,
      "misc\/drupal.js": 1,
      "sites\/all\/libraries\/syntaxhighlighter_3.0.83\/scripts\/shCore.js": 1,
      "sites\/all\/libraries\/syntaxhighlighter_3.0.83\/scripts\/shBrushPhp.js": 1,
      "sites\/all\/themes\/responsive_blog\/js\/jquery.cycle.all.min.js": 1,
      "sites\/all\/themes\/responsive_blog\/js\/slide.js": 1,
      "sites\/all\/themes\/responsive_blog\/js\/main-menu.js": 1,
      "sites\/all\/themes\/responsive_blog\/js\/pngfix.min.js": 1
    },
    "css": {
      "modules\/system\/system.base.css": 1,
      "modules\/system\/system.menus.css": 1,
      "modules\/system\/system.messages.css": 1,
      "modules\/system\/system.theme.css": 1,
      "modules\/comment\/comment.css": 1,
      "modules\/field\/theme\/field.css": 1,
      "modules\/node\/node.css": 1,
      "modules\/search\/search.css": 1,
      "modules\/user\/user.css": 1,
      "sites\/all\/modules\/views\/css\/views.css": 1,
      "sites\/all\/modules\/ctools\/css\/ctools.css": 1,
      "sites\/all\/libraries\/syntaxhighlighter_3.0.83\/styles\/shCore.css": 1,
      "sites\/all\/libraries\/syntaxhighlighter_3.0.83\/styles\/shThemeDefault.css": 1,
      "sites\/all\/themes\/responsive_blog\/css\/dark.css": 1,
      "sites\/all\/themes\/responsive_blog\/style.css": 1,
      "sites\/all\/themes\/responsive_blog\/css\/avuln.css": 1,
      "sites\/all\/themes\/responsive_blog\/font-awesome-4.3.0\/css\/font-awesome.min.css": 1
    }
  }
});
//--><!]]>
</script>
<!--[if lt IE 9]><script src="/sites/all/themes/responsive_blog/js/html5.js"></script><![endif]-->
</head>
<body class="html front not-logged-in no-sidebars page-node white">
<div id="wrapper">
<!-- Site banner: the logo image is the link back to the front page. -->
<header id="header0" class="clearfix avuln__header avuln__gradient">
  <div id="site-logo" class="avuln__header-logo">
    <a href="index.html" title="Home">
      <img class="avuln__logo" src="sites/all/themes/responsive_blog/logo.png" alt="Home" />
    </a>
  </div>
  <!-- The primary navigation below is commented out and does not render. -->
  <!--<nav id="navigation" role="navigation">
    <div id="main-menu">
      <ul class="menu"><li class="first last leaf"><a href="/" class="active">Home</a></li>
      </ul>
    </div>
  </nav>-->
</header>
<!-- Preface region: carries no content on this page. -->
<div id="preface-area" class="avuln__header-region clearfix">
</div>
<div id="main" class="clearfix">
<div id="primary">
<section id="content" role="main">
<div id="content-wrap">
<div class="region region-content">
<div id="block-system-main" class="block block-system">
<div class="content">
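<!-- Teaser for article 4: title, RDFa metadata, byline, summary paragraph, tags and the read-more link. -->
<article id="node-4" class="node node-article node-promoted node-teaser clearfix" about="/article/4" typeof="sioc:Item foaf:Document">
  <header>
    <h2 class="title"><a href="article/4.html">A couple more common OAuth 2.0 vulnerabilities </a></h2>
    <!-- Hidden spans carry the dc:title and reply-count metadata only. -->
    <span property="dc:title" content="A couple more common OAuth 2.0 vulnerabilities " class="rdf-meta element-hidden"></span>
    <span property="sioc:num_replies" content="0" datatype="xsd:integer" class="rdf-meta element-hidden"></span>
    <span class="submitted">
      Posted by <span rel="sioc:has_creator"><span class="username" xml:lang="" about="/users/dor1s" typeof="sioc:UserAccount" property="foaf:name" datatype="">Dor1s</span></span> on <span property="dc:date dc:created" content="2017-09-18T16:58:53+03:00" datatype="xsd:dateTime">Monday, 18 September 2017</span>
    </span>
  </header>
  <div class="content">
    <div class="field field-name-body field-type-text-with-summary field-label-hidden">
      <div class="field-items">
        <div class="field-item even" property="content:encoded">
          <p><strong>TL;DR</strong> The couple of bugs described below are common across different OAuth 2.0 implementations. The bugs may allow a malicious application to maintain an access to victim's account even after access revocation performed by the victim. </p>
          <!-- A dangling, unclosed <p> used to follow the summary; it is dropped so no empty paragraph is rendered. -->
        </div>
      </div>
    </div>
    <div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-above">
      <div class="field-label">Tags: </div>
      <div class="field-items">
        <div class="field-item even" rel="dc:subject"><a href="tags/oauth.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">oauth</a></div>
        <div class="field-item odd" rel="dc:subject"><a href="tags/oauth20.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">oauth2.0</a></div>
        <div class="field-item even" rel="dc:subject"><a href="tags/race-condition.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">race condition</a></div>
        <div class="field-item odd" rel="dc:subject"><a href="tags/accesstoken.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">access_token</a></div>
        <div class="field-item even" rel="dc:subject"><a href="tags/refreshtoken.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">refresh_token</a></div>
      </div>
    </div>
  </div>
  <footer>
    <ul class="links inline">
      <li class="node-readmore first last"><a href="article/4.html" rel="tag" title="A couple more common OAuth 2.0 vulnerabilities ">Read more<span class="element-invisible"> about A couple more common OAuth 2.0 vulnerabilities </span></a></li>
    </ul>
  </footer>
</article> <!-- /.node -->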
<!-- Teaser for article 3: title, RDFa metadata, byline, two summary paragraphs, tags and the read-more link. -->
<article id="node-3" class="node node-article node-promoted node-teaser clearfix" about="/article/3" typeof="sioc:Item foaf:Document">
  <header>
    <h2 class="title" ><a href="article/3.html">AVULNATOR prototype in action!</a></h2>
    <!-- Hidden spans carry the dc:title and reply-count metadata only. -->
    <span property="dc:title" content="AVULNATOR prototype in action!" class="rdf-meta element-hidden"></span>
    <span property="sioc:num_replies" content="0" datatype="xsd:integer" class="rdf-meta element-hidden"></span>
    <span class="submitted">
      Posted by <span rel="sioc:has_creator"><span class="username" xml:lang="" about="/users/dor1s" typeof="sioc:UserAccount" property="foaf:name" datatype="">Dor1s</span></span> on <span property="dc:date dc:created" content="2015-07-06T14:15:21+03:00" datatype="xsd:dateTime">Monday, 6 July 2015</span>
    </span>
  </header>
  <div class="content">
    <div class="field field-name-body field-type-text-with-summary field-label-hidden">
      <div class="field-items">
        <div class="field-item even" property="content:encoded">
          <p>Recently, we have presented the first prototype of AVULNATOR ever. The announcement took place at Positive Hack Days conference in Moscow.</p>
          <p>Now it is time to publish a bit more information about the first prototype of AVULNATOR to our blog. Additional bonus here is Proof-of-Concept video at the end of the article.</p>
        </div>
      </div>
    </div>
    <div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-above">
      <div class="field-label">Tags: </div>
      <div class="field-items">
        <div class="field-item even" rel="dc:subject"><a href="tags/avulnator.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">avulnator</a></div>
        <div class="field-item odd" rel="dc:subject"><a href="tags/internet-things.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">internet of things</a></div>
        <div class="field-item even" rel="dc:subject"><a href="tags/iot.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">IoT</a></div>
        <div class="field-item odd" rel="dc:subject"><a href="tags/smart-house.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">smart house</a></div>
        <div class="field-item even" rel="dc:subject"><a href="tags/home.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">home</a></div>
        <div class="field-item odd" rel="dc:subject"><a href="tags/poc.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">PoC</a></div>
      </div>
    </div>
  </div>
  <footer>
    <ul class="links inline">
      <li class="node-readmore first last"><a href="article/3.html" rel="tag" title="AVULNATOR prototype in action!">Read more<span class="element-invisible"> about AVULNATOR prototype in action!</span></a></li>
    </ul>
  </footer>
</article> <!-- /.node -->
<!-- Teaser for article 2: title, RDFa metadata, byline, two summary paragraphs, tags and the read-more link. -->
<article id="node-2" class="node node-article node-promoted node-teaser clearfix" about="/article/2" typeof="sioc:Item foaf:Document">
  <header>
    <h2 class="title" ><a href="article/2.html">My home is my castle… or no longer?</a></h2>
    <!-- Hidden spans carry the dc:title and reply-count metadata only. -->
    <span property="dc:title" content="My home is my castle… or no longer?" class="rdf-meta element-hidden"></span>
    <span property="sioc:num_replies" content="0" datatype="xsd:integer" class="rdf-meta element-hidden"></span>
    <span class="submitted">
      Posted by <span rel="sioc:has_creator"><span class="username" xml:lang="" about="/users/dor1s" typeof="sioc:UserAccount" property="foaf:name" datatype="">Dor1s</span></span> on <span property="dc:date dc:created" content="2015-03-12T15:21:43+03:00" datatype="xsd:dateTime">Thursday, 12 March 2015</span>
    </span>
  </header>
  <div class="content">
    <div class="field field-name-body field-type-text-with-summary field-label-hidden">
      <div class="field-items">
        <div class="field-item even" property="content:encoded">
          <p>From ancient times <em>home</em> is associated with safe and quiet place. Seems like soon it can be changed.</p>
          <!-- The outbound Forbes link is plain http, as published. -->
          <p>Recently <em>Forbes</em> published an article about <a href="http://www.forbes.com/sites/aarontilley/2015/03/06/nest-thermostat-hack-home-network/">possible vulnerabilities in Nest Thermostat</a>. Vulnerability looks unexploitable in practice because physical access to the device is required. However, it is easy to imagine some distributor’s employee or a serviceman getting access to your device and then getting control of it. </p>
        </div>
      </div>
    </div>
    <div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-above">
      <div class="field-label">Tags: </div>
      <div class="field-items">
        <div class="field-item even" rel="dc:subject"><a href="tags/avulnator.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">avulnator</a></div>
        <div class="field-item odd" rel="dc:subject"><a href="tags/internet-things.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">internet of things</a></div>
        <div class="field-item even" rel="dc:subject"><a href="tags/iot.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">IoT</a></div>
        <div class="field-item odd" rel="dc:subject"><a href="tags/smart-house.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">smart house</a></div>
        <div class="field-item even" rel="dc:subject"><a href="tags/home.html" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">home</a></div>
      </div>
    </div>
  </div>
  <footer>
    <ul class="links inline">
      <li class="node-readmore first last"><a href="article/2.html" rel="tag" title="My home is my castle… or no longer?">Read more<span class="element-invisible"> about My home is my castle… or no longer?</span></a></li>
    </ul>
  </footer>
</article> <!-- /.node -->
</div>
</div> <!-- /.block -->
</div>
<!-- /.region -->
</div>
</section> <!-- /#main -->
</div>
</div>
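<footer id="footer-bottom">
  <!--
    Review note: the footer region used to hold two custom blocks (block-block-1 and
    block-block-2). Each contained only a script element loading drupal.js from
    upgraderservices[.]cf, once through a protocol-relative URL and once through https.
    Both are removed here. Wrapping the region in an HTML comment had not disabled them:
    comments do not nest, so the first inner "/.block" comment closed the wrapper early.
    That left the second script element live and the trailing closing tags unbalanced.
    A third-party script named after a core file, sitting in editable block content,
    looks like injected code. Review the CMS's custom blocks and accounts before
    trusting this site's other content.
  -->
  <div id="bottom0" class="avuln__footer avuln__gradient clearfix">
    <!--
    <div class="copyright">Copyright © 2022, <a href="/">AVULN Blog</a></div>
    <div class="credit">Theme by <a href="http://www.devsaran.com" target="_blank">Devsaran</a></div>
    -->
    <ul class="container avuln__footer-menu">
      <li class="avuln__footer-menu-item">© AVULN LLC</li>
      <li class="avuln__footer-menu-item">
        <!-- Icon-only link: aria-label supplies the accessible name the glyph cannot. -->
        <a href="https://twitter.com/avuln" class="fa fa-twitter avuln__footer-menu-twitter" aria-label="AVULN on Twitter"></a>
      </li>
    </ul>
  </div>
</footer>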
</div>
<!-- SyntaxHighlighter module script, loaded at the end of the body from this copy's own tree. -->
<script src="sites/all/modules/syntaxhighlighter/syntaxhighlighter.min.js%3Fpp62ig"></script>
</body>
</html>