|
|
|
|
|
|
by rudolf0
4097 days ago
|
|
|
I am well aware of that misuse, as I've exploited it during a CTF before. :) I would consider using the raw byte-output version of a function a very blatant example of "improper implementation". Also, I agree regarding encryption. In my example I was actually referring to the random AES key as a pepper, even though it'd probably be better called an "application secret". |
|
|