Utterly fascinating flaw in the way *nix systems handle requests to 0.0.0.0 in browsers.
https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser
#http #browser #rfc1122
Bill /
npub13y…2p3eh
2024-08-09 03:42:56
Author Public Key
npub13yzl843d5qh3rxjqq4ztj2w9av2q6mjvqh4pc0l5jp6maamzxnnq92p3ehPublished at
2024-08-09 03:42:56Event JSON
{
"id": "11bece05eb38202a1a1b494877ec27aee03ae72cad58a5439fd5bd772a4ec5ef",
"pubkey": "8905f3d62da02f119a400544b929c5eb140d6e4c05ea1c3ff49075bef76234e6",
"created_at": 1723174976,
"kind": 1,
"tags": [
[
"t",
"http"
],
[
"t",
"browser"
],
[
"t",
"rfc1122"
],
[
"proxy",
"https://infosec.exchange/users/Sempf/statuses/112929995273014678",
"activitypub"
]
],
"content": "Utterly fascinating flaw in the way *nix systems handle requests to 0.0.0.0 in browsers.\n\nhttps://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser\n\n#http #browser #rfc1122",
"sig": "2790fd555b1fb8c21f55131fb31a4c9af2ebfcb32eec40db28425c91cffbcc7733f12dc0faac150f4d3a5012df42d3b5468a89a7f9cdfc443206d8767353f011"
}