|
|
|
|
|
|
by cjbprime
2357 days ago
|
|
|
Oh yeah! So it's like: * client asks for cert * you give it to them * client tells you the page they want and their useragent * if you think they're vulnerable based on what you've learned about them, you add <img src="https://vulnerable.subdomain/"> to the response. Neat suggestion. Thanks! Agree we've moved well outside of tomorrow's likely actual vuln. |
|
|