overview for solidsnail

1

npm search RCE? - Escape Sequence Injection (blog.solidsnail.com)

submitted 1 year ago by [email protected] to c/[email protected]

0 comments fedilink

1

npm search RCE? - Escape Sequence Injection (blog.solidsnail.com)

submitted 1 year ago by [email protected] to c/[email protected]

0 comments fedilink

1

It’s not a Feature, It’s a Vulnerability (blog.solidsnail.com)

submitted 1 year ago by [email protected] to c/[email protected]

0 comments fedilink

cross-posted from: https://infosec.pub/post/5707149

I talk about a report I've made to MSRC in the beginning of the year regarding vscode.

It's a bit different. There's no in depth technical stuff, because I basically just reported the feature, not a bug.

1

It’s not a Feature, It’s a Vulnerability (blog.solidsnail.com)

submitted 1 year ago by [email protected] to c/[email protected]

0 comments fedilink

I talk about a report I've made to MSRC in the beginning of the year regarding vscode.

It's a bit different. There's no in depth technical stuff, because I basically just reported the feature, not a bug.

1

From Terminal Output to Arbitrary Remote Code Execution (blog.solidsnail.com)

submitted 2 years ago by [email protected] to c/[email protected]

0 comments fedilink

cross-posted from: https://infosec.pub/post/2466014

This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

1

From Terminal Output to Arbitrary Remote Code Execution (blog.solidsnail.com)

submitted 2 years ago by [email protected] to c/[email protected]

0 comments fedilink

cross-posted from: https://infosec.pub/post/2466014

This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

1

From Terminal Output to Arbitrary Remote Code Execution (blog.solidsnail.com)

submitted 2 years ago by [email protected] to c/[email protected]

0 comments fedilink

cross-posted from: https://infosec.pub/post/2466014

This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

1

From Terminal Output to Arbitrary Remote Code Execution (blog.solidsnail.com)

submitted 2 years ago by [email protected] to c/[email protected]

0 comments fedilink

This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

Which browsers are best for privacy? in c/[email protected]

[–] [email protected] 0 points 2 years ago (1 children)

I think they're lacking explanation of what the data means.

This can be very nuanced, and dependent on your goals.

For example, in the context of fingerprinting, sometimes it's better to provide fake data instead of no data, because that itself can be a unique characteristic.