-
# Random Access Channel Request Replay Attack
## Implementation (UE):
- Capture the RACH requests of other UEs
- Replay these requests later to confuse the RAN
## Mitigation (UE and gNB):
- a…
-
Description:
The `claim` function in the ClaimContract is vulnerable to signature replay attacks. The function uses a `_postfix` parameter in the signature verification process, but there's no mechan…
-
**Github username:** @obingo31
**Twitter username:** --
**Submission hash (on-chain):** 0xe89620ff010e672c753b01833e787f6db5c8efacf602e86b726a06174f704afb
**Severity:** high
**Description:**
**Descr…
-
## 翻訳対象ページ (原文 URL)
https://developer.mozilla.org/en-US/docs/Glossary/Replay_attack
## 備考・ヘルプ
(特になし)
-
**Github username:** --
**Twitter username:** GitTopStar
**Submission hash (on-chain):** 0xe641fe61007e4b4bbbaa3d7d37fadd1cebd4493b36199e136649c891bb882653
**Severity:** medium
**Description:**
**De…
-
For more:
* https://kerkour.com/sha256-length-extension-attacks
* https://news.ycombinator.com/item?id=36058754
-
API JWTs must send a `jti` (ID/nonce), [as documented](http://olympia.readthedocs.org/en/latest/topics/api/auth.html), but currently the server is not using this to prevent replay attacks. Let's do it…
-
-
gg:
curl -v --cookie "request_method=GET; _roly_polly_session=dXN3S0JhalVDSEhHTmhwYzVzR2tobHBvYkZVTDNUS1VqTURUTG9PQ1J0aTE1K0QxdGlLZGJDRnVPSjFrbFlBZ2lMSVh2SkhiVDNEREYvRzlDYTAveXl1bkJ6eGpsU1h2V2M4TGM1c…
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0x748df0ff8210bcfd30299a946c6ce155070fb15965c9c0a032f77fdd8456d068
**Severity:** medium
**Description:**
**Descriptio…