Jump to content
mah_one

"Cei 3 .....","Primii 3"

By mah_one, in Off-topic

Recommended Posts

Pastilatu' Newbie

Pastilatu'

Posted
Posted (edited)

V-as zice eu cum sta treaba cu CSD :) . Nu de alta dar fara mine nu ar fi existat. @Aerosol stie mai bine ca spun adevarul ca i-am aratat conversatia intre mine si TK . Hai sa va dau un preview. Avand in vedere ca eu il cunosteam pe Madalin de mai mult timp, omu cauta oameni care sa dea articole jos pentru anumite persoane, firme, oameni de afaceri. I l-am recomandat pe Tinkode ... vorba din ce fac ei sa imi dea si mie un procent, mi-a dat prin gura ;) m-au sarit din schema si acuma nu se mai suporta. I-am incercat sa vad daca ma baga la ei in firma, ca gest, ca fara mine ei 2 nu se cunosteau deci evident CSD nu exista. Si e clar la ce sa ajuns ....la magarii de genu " da te bag in team dar daca sti ce am eu nevoie" . In cazul meu , zic si eu daca nu sunt eu prea nesimtit sau cer prea mult ... nu cred ca era cazul sa mi se zica asa .... . Fie concluziile sunt ale voastre.

In principiu ... totul e un ShowOff , prost regizat de Madalin si Tinkode. Si restul din echipa ,baiatul lor de se ocupa de servere Dacian, nu are nici o treaba cu securizarea reala a unui server, dar nici o treaba. Majoritatea echipei este VARZA, cel putin echipa publicata pe website. 


[3/10/2015 6:25:16 PM] The Slacker: Nu lucrez la Madalin.
[3/10/2015 6:25:20 PM] The Slacker: Lucrez cu Madalin.
[3/10/2015 6:25:39 PM] Razvan  Spiry Media: da ma  asa "cu" dar nu trebuie sa suferi cu asta
[3/10/2015 6:25:45 PM] Razvan  Spiry Media: ca oricum ati jucat murder si m-ati sarit din schema
[3/10/2015 6:25:55 PM] Razvan  Spiry Media: ca daca nu eram eu lucrai la drumuri si poduri
[3/10/2015 6:25:59 PM] The Slacker: Pai e diferenta ...
[3/10/2015 6:26:08 PM] The Slacker: Clar 
[3/10/2015 6:26:10 PM] Razvan  Spiry Media: pai e diferenta eu zic sa nu ti-o arzi aiurea
[3/10/2015 6:26:15 PM] Razvan  Spiry Media: cu diferentele cu mine
[3/10/2015 6:26:26 PM] The Slacker: 
[3/10/2015 6:26:31 PM] Razvan  Spiry Media: ca e aiurea bate prost
[3/10/2015 6:26:37 PM] Razvan  Spiry Media: poti sa faci asta cu copii
[3/10/2015 6:26:43 PM] Razvan  Spiry Media: dar cu mine ? 
[3/10/2015 6:26:50 PM] Razvan  Spiry Media: da-o in plm de treaba de parca ne stim de azi de maine
[3/10/2015 6:26:53 PM] The Slacker: Cacat... 
[3/10/2015 6:26:57 PM] The Slacker: Suparici


[3/10/2015 6:46:32 PM] Razvan  Spiry Media: dar e vorba de gest
[3/10/2015 6:46:36 PM] Razvan  Spiry Media: nu e vorba de nimic altceva
[3/10/2015 6:46:54 PM] The Slacker: Hmm...
[3/10/2015 6:47:03 PM] The Slacker: Iti explic repede intr-un minut.
[3/10/2015 6:47:23 PM] The Slacker: Atunci cand m-ai recomandat lui Madalin ca avea el nu stiu ce intrebari
[3/10/2015 6:47:42 PM] The Slacker: Nu am discutat nimic cu el
[3/10/2015 6:47:47 PM] The Slacker: legat de vreo firma....
[3/10/2015 6:47:52 PM] The Slacker: Era cu totul si cu totul altceva.
[3/10/2015 6:47:57 PM] The Slacker: Iar idea cu firma
[3/10/2015 6:48:00 PM] Razvan  Spiry Media: asa si daca nu eram eu sa iti fac legatura cu madalin asa ....tu mai aveai CSD acuma ?
[3/10/2015 6:48:00 PM] The Slacker: eu am venit...
[3/10/2015 6:49:44 PM] The Slacker: Madalin a fost deschis sa incerce ce eu I-am propus.
[3/10/2015 6:50:00 PM] The Slacker: Daca nu as face asta... ce plm sa fac?
[3/10/2015 6:50:01 PM] Razvan  Spiry Media: esti baiat , ce pot sa zic ai dato in diverse cand sti care e adevarul aia e
[3/10/2015 6:50:03 PM] The Slacker: Cand altceva nu stiu?
[3/10/2015 6:50:04 PM] Razvan  Spiry Media: spor la drum
[3/10/2015 6:50:05 PM] The Slacker: Sa fiu taximetru
[3/10/2015 6:50:07 PM] Razvan  Spiry Media: si ne auzim
[3/10/2015 6:50:07 PM] The Slacker: 
[3/10/2015 6:50:25 PM] The Slacker: Te inseli...
[3/10/2015 6:50:28 PM] The Slacker: Trust me.
[3/10/2015 6:50:34 PM] The Slacker: habar nu am de ce esti suparat
[3/10/2015 6:50:39 PM] The Slacker: dar te inseli.

Edited by Pastilatu'
russiancoder Newbie

russiancoder

Posted
Posted
Mie mi-a placut aia cu n-avem buton de log out. :))

Link: https://www.owasp.org/index.php/Testing_for_logout_functionality_%28OTG-SESS-006%29 


Summary
Session termination is an important part of the session lifecycle. Reducing to a minimum the lifetime of the session tokens decreases the likelihood of a successful session hijacking attack. This can be seen as a control against preventing other attacks like Cross Site Scripting and Cross Site Request Forgery. Such attacks have been known to rely on a user having an authenticated session present. Not having a secure session termination only increases the attack surface for any of these attacks.


A secure session termination requires at least the following components:

Availability of user interface controls that allow the user to manually log out.
Session termination after a given amount of time without activity (session timeout).
Proper invalidation of server-side session state.

There are multiple issues which can prevent the effective termination of a session. For the ideal secure web application, a user should be able to terminate at any time through the user interface. Every page should contain a log out button on a place where it is directly visible. Unclear or ambiguous log out functions could cause the user not trusting such functionality.


Another common mistake in session termination is that the client-side session token is set to a new value while the server-side state remains active and can be reused by setting the session cookie back to the previous value. Sometimes only a confirmation message is shown to the user without performing any further action. This should be avoided.


Some web application frameworks rely solely on the session cookie to identify the logged-on user. The user's ID is embedded in the (encrypted) cookie value. The application server does not do any tracking on the server-side of the session. When logging out, the session cookie is removed from the browser. However, since the application does not do any tracking, it does not know whether a session is logged out or not. So by reusing a session cookie it is possible to gain access to the authenticated session. A well-known example of this is the Forms Authentication functionality in ASP.NET.


Users of web browsers often don't mind that an application is still open and just close the browser or a tab. A web application should be aware of this behavior and terminate the session automatically on the server-side after a defined amount of time.


The usage of a single sign-on (SSO) system instead of an application-specific authentication scheme often causes the coexistence of multiple sessions which have to be terminated separately. For instance, the termination of the application-specific session does not terminate the session in the SSO system. Navigating back to the SSO portal offers the user the possibility to log back in to the application where the log out was performed just before. On the other side a log out function in a SSO system does not necessarily cause session termination in connected applications.

Aerosol Newbie

Aerosol

Posted
Posted

@Pastilatu' stiu povestea totusi lasa baiatu sa se simta bine. :))

Oricum e de apreciat ca au ajuns unde au ajuns si atata tot. ( ar fi mai ok sa-i lasam in pace si sa nu mai vorbim de ei fiindca tot publicitate se numeste si asta. )

Pastilatu' Newbie

Pastilatu'

Posted
Posted (edited)
@TinKode care e un lurker p'aici ... :
. Adevarul e un lux si nu ti-l permiti e mai usor sa minti. Zi mersi ca numai am arhivele de pe vremea cand cerseai atentie si te rugai sa te angajeze cineva ... :)
Edited by Pastilatu'
QUADMACHINE Newbie

QUADMACHINE

Posted
Posted

Nu inteleg de ce atata tam tam pentru o asemenea persoana, cu cat ii da-ti atentie cu atat mai mult creste inima in el ca se simte important.Parca il si vad pe scaun la birou accesand pe redtube, pardon youtube (nu's obisnuit cu tube asta sau lube, depinde) melodia lui preferata cand ii acordati atentie

=)

LE: Mui3 quadmachine ca ai pus manele, f3m3m3.

wHoIS Apprentice

wHoIS

Posted
Posted

2015 si inca se discuta despre asta. In 2020 ce o sa faceti ? Ca si aia de se luau de Aerosol ca da ca Salam fara numar la posturi si tot nu au rezolvat nimic.

In ziua de azi esti considerat doar o unealta folosita pentru propriul interes. Daca te lasi folosit nu el pierde ci tu.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...