Steam's login method is kinda interesting

How do you send a password over the internet? You acquire an SSL certificate and let TLS do the job of securely transporting the password from client to server. Of course it’s not as cut-and-dried as I’m making it out to be, but the gist of it holds true and has stood the test of time. It hasn’t always been this way, though, and one incredibly popular storefront on the world wide web prefers to add a little extra to this day. I’ll be discussing Steam’s unique method of logging in its users, and going down a deep rabbit hole of fascinating implementation details.


TryHackMe: Dave's Blog Writeup

Dave’s Blog is a room over at TryHackMe with a hard difficulty rating. Dave is ready to show his blog to the world, but he forgot to properly secure his super secret admin panel. After some NoSQL injection to bypass the admin login page, we’re able to send off code that is executed by a Node.js runtime hosted on the server. The final step to root involves exploiting a binary in one of many possible ways thanks to return-oriented programming.


Analyzing noscript usage, and being tracked in the process

When designing the theme for my personal blog, I wanted to make sure that the site would work just fine with JavaScript disabled. All kinds of scripts on this site are merely to add some neat little features here and there. However, this made me wonder about the state of the modern web and its reliance on scripts in the browser. What happens if you strip them away? I checked how websites deal with browsers that don’t allow JavaScript, taking the noscript HTML element as my metric of choice. And although fewer websites broke than I initially suspected, it shows that you don’t need scripts to effectively track people.
