The fact that this port is not only still open, but also returns a well-formed response, is a concern. Of course they could just return that string, and keep a list of whoever is trying to talk to that port. (RS) Tyler Schroder wrote: > A correction seems to be issued for both endpoints, POC links are returning > "INVALID_SESSION". Might still be breakable given some time, but something > tells me they're getting a lot of free pentesting right now :) > > R. S. Tyler Schroder > >
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment