정보보안

# Python Snippet 1server.py 1 from http.server import BaseHTTPRequestHandler, HTTPServer2 from http.cookies import SimpleCookie3 import base644 import pickle5 6 class MyServer(BaseHTTPRequestHandler):7 def doGET(self):8 cookies = SimpleCookie(self.headers.get('Cookie'))9 if cookies.get('username'):10 username = pickle.loads(base64.b64decode(cookies.get('u..

# JAVA Snippet 1Secure.java1 import java.util.Base64;2 import java.security.MessageDigest;3 import java.security.SecureRandom;4 import java.nio.charset.StandardCharsets;5 public class Secure {6 private static String secret = "[...]";7 8 public static String build_redirect() throws Exception {9 SecureRandom rand = new SecureRandom();10 String tx_id=String.valueOf(rand.nextInt(100000))..

# PHP Snippet 1jwt.php1 $parts = explode('.', $_GET['jwt']);2 $algorithms = array('HS256', 'HS384', 'HS512');3 if (3 !== count($parts)) {4 throw new \InvalidArgumentException('Invalid or malformed JWT supplied.');5 }6 $header = json_decode(self::decode($parts[0]), true);7 if (in_array($header['alg'], $algorithms)) {8 ...9 } PHP 8 이전 버전에서 발생할 수 있는 취약 코드다.몇 번 라인의 코드에서 어떤 취약점이 발생할 수 있을까? 정답은 아래..