Challenges Archives - 7ASecurity Blog https://7asecurity.com/blog/ Helping you secure apps and websites Thu, 09 Jan 2025 13:22:25 +0000 en-US hourly 1 https://7asecurity.com/blog/contents/uploads/2019/06/favicon.ico Challenges Archives - 7ASecurity Blog https://7asecurity.com/blog/ 32 32 Password Storage Challenge: bcrypt or loop salted hashes? https://7asecurity.com/blog/2012/06/password-storage-bcrypt-or-loop-salted/ https://7asecurity.com/blog/2012/06/password-storage-bcrypt-or-loop-salted/#comments Tue, 26 Jun 2012 06:26:00 +0000 Background A recent data breach on the LinkedIn database leaked around 6.5 million salted hashes. This ignited a healthy debate in the security community: – Some people said you should only use bcrypt and that salted passwords are useless – It was clear that LinkedIn failed to salt their passwords: This is the immediate worst option …

The post Password Storage Challenge: bcrypt or loop salted hashes? appeared first on 7ASecurity Blog.

]]> https://7asecurity.com/blog/2012/06/password-storage-bcrypt-or-loop-salted/feed/ 2 Embedding untrusted HTML XSS+ challenge https://7asecurity.com/blog/2012/01/embedding-untrusted-html-xss-challenge/ https://7asecurity.com/blog/2012/01/embedding-untrusted-html-xss-challenge/#comments Thu, 26 Jan 2012 13:24:00 +0000 Where this came from – skip to the end for the challenge if you do not care 🙂 During the OWTF workshop at BSides Vienna the interaction with the audience was great. For the purpose of this blog post the conversation on embedding HTML input from an untrusted source developed as follows: – Olaf first asked …

The post Embedding untrusted HTML XSS+ challenge appeared first on 7ASecurity Blog.

]]> https://7asecurity.com/blog/2012/01/embedding-untrusted-html-xss-challenge/feed/ 2