GNU social JP
GNU social JP is a Japanese GNU social server.

Using /% you can generate an error on many servers, and when they have not bothered to hide information it can be revealing.

Download link

https://files.mastodon.social/media_attachments/files/111/545/546/862/269/623/original/47c2ab6794524a6c.png

Notices where this attachment appears

  1. she hacked you (ekis@mastodon.social)'s status on Wednesday, 18-Dec-2024 16:53:17 JST

    Don't have time for a banner grab but still interested in basic info about a server?

    Well taking advantage of a server's inability to process '%' b/c it expects two hex digits to follow; in many cases it errors

    Preventing this from happening is actually easy

    It requires an essential secure programming principle: verify, validate, and sanitize your input

    This principle should be applied to EVERY input, and yes the URL is input

    #infosec #security #it #sysadmin #tech #development #programming

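One way to apply the input validation the post calls for, as an added example that is not part of the original post: the request path is checked for a `%` that is not followed by two hex digits before any decoding, and every rejection gets the same generic response while the detail goes to a server-side log. The function names, the response shape and the log format are assumptions made for illustration.

```javascript
// Added example; names and response shape are assumptions, not a real framework API.
// A '%' is only valid when followed by exactly two hex digits.
const BAD_PERCENT = /%(?![0-9A-Fa-f]{2})/;
const CONTROL_CHARS = /[\u0000-\u001f\u007f]/;

// What the client sees on any rejection: no server name, version,
// framework error text or stack trace.
const GENERIC_400 = Object.freeze({ status: 400, body: "Bad Request" });

// Validate and decode the path part of a request target (no query string).
// Returns { ok: true, segments } or { ok: false, reason }.
// `reason` is meant for server-side logs, never for the response.
function decodePathStrict(rawPath) {
  if (typeof rawPath !== "string" || !rawPath.startsWith("/")) {
    return { ok: false, reason: "not-a-path" };
  }
  if (BAD_PERCENT.test(rawPath)) {
    return { ok: false, reason: "malformed-percent-escape" };
  }
  const segments = [];
  // Decode per segment so an encoded "%2F" cannot introduce a new separator.
  for (const raw of rawPath.split("/").slice(1)) {
    let decoded;
    try {
      // Throws URIError when well-formed escapes are not valid UTF-8 ("%FF").
      decoded = decodeURIComponent(raw);
    } catch (err) {
      return { ok: false, reason: "invalid-utf8-escape" };
    }
    if (CONTROL_CHARS.test(decoded)) {
      return { ok: false, reason: "control-character" };
    }
    segments.push(decoded);
  }
  return { ok: true, segments };
}

// Minimal handler: log the detail internally, answer with the generic error.
function handleRequest(rawPath, log) {
  const result = decodePathStrict(rawPath);
  if (!result.ok) {
    log.push({ event: "rejected-path", reason: result.reason });
    return GENERIC_400;
  }
  return { status: 200, body: "OK" };
}
```
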

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.
