tag:blogger.com,1999:blog-8508344381521415235.post794585967524019086..comments2024-02-10T02:19:53.889-08:00Comments on Egor Homakov: Path Encoding Vulnerability in https/www redirects.homakovhttp://www.blogger.com/profile/10492045246792330280noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-8508344381521415235.post-3670554766942627392014-01-09T10:41:12.046-08:002014-01-09T10:41:12.046-08:00my email is in Contactsmy email is in Contactshomakovhttps://www.blogger.com/profile/10492045246792330280noreply@blogger.comtag:blogger.com,1999:blog-8508344381521415235.post-43170540176224975792014-01-09T01:36:53.752-08:002014-01-09T01:36:53.752-08:00hi there egor, im reading all your post since earl...hi there egor, im reading all your post since early 2013. can i ask something? can you give me your email? im gonna tell / ask something, i recently found a bug on facebook and i need your help in confirming it, thanks in advance.<br /><br />Here is my email if you want to email me: tolstoivladimir@gmail.com<br /><br />-VladimirGrandTheftAddict27https://www.blogger.com/profile/10873340354143912765noreply@blogger.comtag:blogger.com,1999:blog-8508344381521415235.post-60929112729914724972014-01-03T20:39:34.902-08:002014-01-03T20:39:34.902-08:00really? do you have 6.5+ demo online i could check...really? do you have 6.5+ demo online i could check?<br /><br />I assumed last version is vulnerable because all MS sites like microsoft.com and hotmail.com were left vulnerable.<br /><br />on top of that IIS security team doesn't understand the issuehomakovhttps://www.blogger.com/profile/10492045246792330280noreply@blogger.comtag:blogger.com,1999:blog-8508344381521415235.post-37042844378590698422014-01-03T06:59:34.774-08:002014-01-03T06:59:34.774-08:00About "Microsoft IIS is vulnerable by default...About "Microsoft IIS is vulnerable by default..." you are quite wrong, just IIS 6.5 is vulnerable, and only if the IT doesn't install the patch, but 99% IIS 6.5 are fixed.<br /><br />Just a remark apache and nginx are also vulnerable by default, if you don't know how to configure them.<br /><br />;)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-8508344381521415235.post-86626734686288474652014-01-02T18:15:21.341-08:002014-01-02T18:15:21.341-08:00Встречали такое, ога :)Встречали такое, ога :)Bo0oMhttps://www.blogger.com/profile/12810506655147316937noreply@blogger.com