Insecure passwords

Was in the middle of a "Penetration Testing" exercise and came across an application that sends the users' credentials in cleartext. I was surprised as I rarely encounter this scenario.
This got me thinking if popular apps such as "Facebook" and "Gmail" send our credentials in cleartext too? Fired up "Paros" and the rest they say is history.


No comments:

Post a Comment

dnsaudit.py

 Since I was on a roll with Copilot, I decided to automate DNSSEC auditing with the following Python script. import subprocess import sys im...