Chat CIMB got hacked?

brkli
Dec 17 2018, 03:01 PM

QUOTE(Mummy Shark @ Dec 17 2018, 02:58 PM)
I was against calling CAPTCHA a "speed bump". as you said, it is an entrenched way to quickly determine humans vs bots. if implemented properly, though not foolproof, it does filter the "less-educated" bots. for "educated" bots, CAPTCHA is not a "speed bump", can solve in fractions of nanoseconds.

can you share an example of how to solve recaptcha (google no captcha recaptcha) in nanoseconds? for research/education purposes, i am in the IT field. Thanks.

This post has been edited by brkli: Dec 17 2018, 03:03 PM

brkli
Dec 17 2018, 03:03 PM

QUOTE(Mummy Shark @ Dec 17 2018, 03:03 PM)
not my line of work. you google computer vision and image recognition.

ooo.. :okay:

This post has been edited by brkli: Dec 17 2018, 03:06 PM

brkli
Dec 17 2018, 10:26 PM

QUOTE(MiLKTea @ Dec 17 2018, 10:24 PM)
Regarding the captcha at login... how come i can login without going through the captcha???? The captcha is there but i don't have to go through it; just my username and password and confirm secureword like usual only woh....

This is google no captcha recaptcha. if google "finds you" suspicious, it will come out with some "challenge" for you to solve. if not, you are "free to go"

brkli
Dec 17 2018, 10:48 PM

QUOTE(nightshade_nova @ Dec 17 2018, 10:35 PM)
The current situation is under control. But not for long. So many vulnerabilities, they are highly susceptible to exploits and attacks now. Not directly, but through leveraging several weaknesses. The sharks have already smelled the blood in the water.

what kinda exploits is it highly susceptible to now? and how to leverage several weaknesses? care to share, for research/education purposes. thanks.

brkli
Dec 18 2018, 10:47 AM

QUOTE(C-Fu @ Dec 18 2018, 10:43 AM)
since they probably store your PIN number, it's probably possible that the tape backups contain your pin as well right?

"IF" it is hashed, it would not be an issue. that's a big IF btw..

This post has been edited by brkli: Dec 18 2018, 10:47 AM

brkli
Dec 18 2018, 02:29 PM

QUOTE(okuribito @ Dec 18 2018, 02:13 PM)
Thx bro, saw that & thinking thru the implications. How does CIMB store passwords? As Is? or after hashing? If after hashing, old passwords longer than 8 chars should not be able to get in if just key in first 8 chars. Why? becos the hash would be diff. No? Only way can get in is IF the old password was stored As Is. Wonder if that makes sense

no, the code snippet does not prove anything about how they store the password. it only shows their 'lazy' development, not wanting to change the backend API, so they convert/translate those inputs (in this case the password) at the front end.
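
An added illustration of the exchange above, not code from the thread or from the bank: three hypothetical storage models sit behind a front end that cuts the password to 8 characters, and the script reports which of them accept a login with only the first 8 characters of a longer original password. The model names, salt and sample password are constructed for the example; two of the three models give the same outside observation, so the prefix login alone does not identify the storage method.

```python
import hashlib
import hmac

MAX_LEN = 8                          # truncation length discussed in the thread
SALT = b"constructed-demo-salt"      # constructed; real systems use a random per-user salt
SAMPLE_PASSWORD = "Tr0ub4dor&3xtra"  # constructed sample, longer than MAX_LEN

def kdf(password: str) -> bytes:
    """PBKDF2-HMAC-SHA256 as a stand-in for whatever hash a backend might use."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 10_000)

def front_end(typed: str) -> str:
    """Hypothetical client-side step: cut the typed input to MAX_LEN before sending."""
    return typed[:MAX_LEN]

# Each hypothetical model is (enroll, verify): enroll builds the stored record from the
# password chosen at registration, verify checks what the front end submits.
MODELS = {
    # Stored as-is; backend compares the submission with the stored prefix.
    "plaintext": (lambda pw: pw.encode(),
                  lambda rec, sub: hmac.compare_digest(rec[:MAX_LEN], sub.encode())),
    # Hashed, but the system always cut to MAX_LEN before hashing.
    "hash_of_truncated": (lambda pw: kdf(pw[:MAX_LEN]),
                          lambda rec, sub: hmac.compare_digest(rec, kdf(sub))),
    # Hashed over the full original password.
    "hash_of_full": (lambda pw: kdf(pw),
                     lambda rec, sub: hmac.compare_digest(rec, kdf(sub))),
}

def prefix_login_accepted(model: str, original: str, typed: str) -> bool:
    """Enroll `original`, then log in with `typed` passed through the front end."""
    enroll, verify = MODELS[model]
    return verify(enroll(original), front_end(typed))

def observe(original: str = SAMPLE_PASSWORD) -> dict:
    """Outcome an outside tester sees per model when typing only the first MAX_LEN chars."""
    return {m: prefix_login_accepted(m, original, original[:MAX_LEN]) for m in MODELS}

if __name__ == "__main__":
    for model, ok in observe().items():
        print(f"{model:18} first-{MAX_LEN}-chars login accepted: {ok}")
```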

brkli
Dec 18 2018, 02:38 PM

since people in this thread are so interested in the login process: you can just open developer tools -> console. you can learn a bit there...

This post has been edited by brkli: Dec 18 2018, 02:38 PM