Weak Fraud Check vulnerable to Brute Force


We've seen a fraud check is being used in some web applications such as billings, and email registration such as Gmail. Here, a traditional habit is still used by developers. This is verification by digits only.


Comments

Popular posts from this blog

XSS: Gaining access to HttpOnly Cookie in 2012

HttpOnly Session ID in URL and Page Body | Cross Site Scripting

From Vulnerability to Exploit (Joomla! SQL Injection)