Questions tagged [infoleak]

This tag is for any class of exploits that leaks information relevant to further exploitation, such as stack cookies, kernel pointers, and memory layouts. It is not used for mere disclosure or loss of confidential data.

14 questions
106 votes, 8 answers

Ex-contractor published company source code and secrets online

Just found my current company code on the plain internet. We are talking hundreds of thousands of lines of scripts and configurations, including database schemas and a fair amount of internal information. Looks like an archive of some project(s),…
user5994461
25 votes, 3 answers

Computer name naming convention for security

I've been doing a security audit and found out you can easily identify host roles and running services just by their computer name (using nslookup). I would like to report this so that they use less obvious computer names and it becomes harder for…
18 votes, 2 answers

Will this Account Lockout mechanism increase the severity of an information leakage vulnerability that leaks usernames?

I found an information leakage vulnerability on a company website and I found that the information includes all the usernames of the users. I also observed that the application uses a lockout mechanism that locks out users after 5 attempts for 30…
Cloud Learner
7 votes, 1 answer

How sensitive are acoustic side-channels to compression with a narrowband codec?

Assume sensitive audio emissions from a mechanical keyboard. These audio emissions are often sufficient to reconstruct the actual key presses that generated the sound. If the audio is compressed using a narrowband audio codec such as G.711, how much…
forest
6 votes, 2 answers

Why did I never see those "spy signal jammers" for sale?

I recently watched a 1980s computer television programme about the problems of spying. Basically, they showed how anyone could buy relatively cheap and common hardware and then be able to sit outside a house, or drive around in a car, and receive…
Deondrick
3 votes, 0 answers

Identifying kernel pointer infoleaks via static analysis

Leaking pointers from the kernel can be useful to an attacker. Normally, pointers are printed using a special identifier, %pK, which will sanitize them. However, there are times when a kernel pointer is unintentionally revealed, for example because…
forest
2 votes, 0 answers

Setting up VPN tunnel: what are the possible ways by which my true IP address could leak?

I bought a subscription to a VPN service and I set up the VPN tunnel using openvpn. In order to avoid DNS leaks, I am using the DNS servers provided by my VPN provider by manually enforcing /etc/resolv.conf. By navigating on the internet, what are…
robertspierre
2 votes, 1 answer

Is super paranoid use of HaveIBeenPawned password API going to help?

The way I understand HaveIBeenPawned password API is that it's a safe system because the site "can't do much with my partial hash even if they wanted to". But is that really true? Is the following scenario feasible? My password is…
user3280964
1 vote, 2 answers

Cracking Diffie-Hellman public key to obtain shared key

I'm given 2 prime numbers, g and n, as well as 2 public keys, g^a mod n and g^b mod n, as part of a leaked Diffie-Hellman key exchange. I need to derive the shared key g^(ab) mod n using the given information. I understand that I have to find a and b which…
AnzioElane
0 votes, 0 answers

Side-channel impacts of coil whine and related acoustical phenomena over time

I am aware of one paper (although I forget the name) in which an AES key is extracted from several meters away as a result of coil whine (potentially audible vibration of an inductor coil), but I can't find any research which looks into acoustic…
forest
0 votes, 1 answer

Does Google Meet leak my IP?

My friend asked me if it is possible to get somebody's IP from Google Meet just by being in the same meeting. He found a video that says it is possible. But when I read about WebRTC and STUN servers, I got conflicting information. One side told that…
Furman
0 votes, 1 answer

How do hackers take advantage of apps that are known to be leaking personal information?

I'm wondering how apps that leak personally identifiable information can be taken advantage of by hackers? How would they have the infrastructure to capture all that information that comes from thousands of users? I'm asking because when analyzing…
Jax
-1 votes, 3 answers

How is it possible that important databases keep getting put online with literally zero security?

The ANPR camera system's internal management dashboard could be accessed by simply entering its IP address into a web browser. No login details or authentication of any sort was needed to view and search the live system Number-Plate Cam Site…
Deymian
-2 votes, 2 answers

Did I just find a bug in CloudFlare or is this a feature?

While doing penetration testing for a client I stumbled upon a security incident. CloudFlare promises to hide the origin IP address when using its DNS. I went to dnsdumpster.com, inputted my client's domain and there I found my client's ORIGIN IP…
Sir Muffington