전체 글2 Struggles in deploy and configuring vpn. So recently I had to deploy a vpn server which supports sso, so that company user can login to the vpn server using the company idp and securely access the company private server. Split tunnel So instead of routing all the internet traffic from the vpn server which wasn't necessary since goal wasn't to ensure privacy instead was to allow secure access to company's intranet also routing all traff.. 2023. 1. 26. [TIL] - Day 1 XSS [ Failed ] Application allowed uploading files via drag/drop and file explorer. While appending filename in dom it wasn't santizing filename which allowed xss using filename ie .html Since type of xss is self here. It means user had to upload such files with malicious name to trigger the xss which is no fun . So I tried exploring other ways to make user upload filename with a xss payload to .. 2022. 8. 2. 이전 1 다음
