Luca Soldi

REST API Best Security Practices [PRANK]

By admin | Random Stuff | 24 December, 2020

I love to see how the internet is a secure place nowadays 😀 Apps and web apps everywhere that use very reliable REST APIs.

    This time I found a perfect example to follow if you want to create a secure API for your application. See the screenshot below:

Generally the aim of an API is to share some DB info from server to client. Above we can see that this time the developer has been very careful in choosing the variable names.

The variable "t" could be… for example… "table"? 😀 And the "f"… mmm… "function"?

Ok ok wait… he definitely checks the variable t before using it…

Wow, the user table! Don't you think that the user with role "admin" has a familiar password hash?

    MD5 (“admin”) = 21232f297a57a5a743894a0e4a801fc3
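The two mistakes the screenshot shows, a `t`/`f` pair taken straight from the query string and an unsalted MD5 in the password column, are easy to fix. The Python below is an added example written for this post, not code from the site in the screenshot: the database, the `t`/`f` handler and the `select`/`count` operations are constructed stand-ins for what the screenshot implies, the hardened handler exposes only an allowlist of resources with a fixed column projection (so the password column can never be returned), and passwords are stored with salted PBKDF2-HMAC-SHA256 instead of bare MD5.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the server's database (table name -> rows).
# The "user" row reproduces the post's observation: unsalted MD5("admin").
DB = {
    "user": [{"id": 1, "role": "admin",
              "password": "21232f297a57a5a743894a0e4a801fc3"}],
    "product": [{"id": 10, "name": "widget", "price": 9.99}],
}

# Hypothetical internal operations the "f" parameter is assumed to select.
OPS = {
    "select": lambda rows: rows,
    "count": lambda rows: len(rows),
}


def md5_hex(text: str) -> str:
    """Plain MD5 hex digest, as used (wrongly) for the password in the post."""
    return hashlib.md5(text.encode()).hexdigest()


def insecure_endpoint(params: dict):
    """The pattern the post mocks: client picks any table and any function.
    Every column, password hashes included, goes straight back to the client."""
    return OPS[params["f"]](DB[params["t"]])


# Hardened version: the client names a resource, the server decides what
# that resource exposes. No "f" parameter, no raw table names, no password
# column in any projection.
PUBLIC_RESOURCES = {
    "product": ("id", "name", "price"),
    "user": ("id", "role"),
}


def hardened_endpoint(params: dict) -> dict:
    resource = params.get("t")
    if resource not in PUBLIC_RESOURCES:
        # Unknown or non-public table: refuse without echoing anything.
        return {"status": 404, "body": "unknown resource"}
    columns = PUBLIC_RESOURCES[resource]
    rows = [{c: row[c] for c in columns} for row in DB[resource]]
    return {"status": 200, "body": rows}


# Password storage that does not give "admin" away on sight: a random salt
# per user and a slow KDF (PBKDF2-HMAC-SHA256, 600k iterations, the 2023
# OWASP recommendation) instead of a single fast MD5.
def hash_password(password: str, iterations: int = 600_000) -> str:
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    algo, iterations, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    # Constant-time compare so the check does not leak via timing.
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    print("insecure:", insecure_endpoint({"t": "user", "f": "select"}))
    print("hardened:", hardened_endpoint({"t": "user"}))
    print("hardened:", hardened_endpoint({"t": "sqlite_master"}))
    stored = hash_password("admin")
    print("stored:", stored)
    print("verify:", verify_password("admin", stored),
          verify_password("wrong", stored))
```

With the allowlist in place the table name the client sends is only ever used as a dictionary key into `PUBLIC_RESOURCES`, so nothing outside that map is reachable, and because each salt is random, two users who both chose "admin" no longer share a hash that anyone can recognise from a lookup table.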
