The Basic Authentication scheme uses the username and password and encrypts the password using base64 encoding. In spite of this, there are still many security holes in the Basic Authentication scheme. Although the password is stored on the server in encrypted format, it is passed from the client to the server in plain text format across the network. Hence, any attacker listening with a packet sniffer can easily read the username and password in plain text format. The username and password are passed with every request not just when the user first types them, so the packet sniffer need not listen at any particular time, but just long enough to observe any single request coming across the wire. Besides, the encryption used in the authentication is also very insecure and can be easily decoded.

Explore More

Critical SQL injection (vulnerability) in Wati’s Official Website URL : http://www.wationline.com/

PlanetCreator reported another Critical SQL injection (vulnerability) on Wati’s Official Website URL : http://www.wationline.com/ SQL injection is a code injection technique that exploits a security vulnerability occurring in the database

Read More

Basic Remote File Inclusion

Basic Remote File Inclusion DefinitionRemote file inclusion, commonly known as RFI is a form of attack where the attacker trys to inject there own php code inside your php app’s.

Read More

The internet crash of July 17th 1997

This July 17th marks the eleventh anniversary of the famous internet crash. How did the internet crash; the network which was designed to withstand all sorts of catastrophe; even the

Read More