02-26-2018, 05:57 PM
Hello folks!
So a friend just sent me that piece of code with the explanation "The following script performs a DNS lookup for a host that a user provides. It uses an HMAC to make sure it is requested from a trusted source.". There is an important bug in it that's making the whole request source verification useless.
Let's see if anybody is able to find it :wink:
So a friend just sent me that piece of code with the explanation "The following script performs a DNS lookup for a host that a user provides. It uses an HMAC to make sure it is requested from a trusted source.". There is an important bug in it that's making the whole request source verification useless.
Let's see if anybody is able to find it :wink:
Hidden Content