Chrome release schedule link
https://chromestatus.com/roadmap
Credential-stealing mechanisms
https://attack.mitre.org/versions/v10/tactics/TA0006/
1) Get the process ID of the suspect process:
# ps -eaf | grep -i suspect_process : gives the process ID
# pstack core.<proc_id>
pstack proc_id > pstack_core.out : gives the call stack of the process
pmap proc_id > pmap_core.out : gives the memory map of the process
pmap lists the following fields:
Address: start address of map
Kbytes: size of map in kilobytes
RSS: resident set size in kilobytes
Dirty: dirty pages (both shared and private) in kilobytes
Mode: permissions on map: read, write, execute, shared, private (copy on write)
Mapping: '[ anon ]' for allocated memory, or '[ stack ]' for the program stack
Offset: offset into the file
Device: device name (major:minor)
pflags proc_id > pflags_core.out : prints the process flags
pldd proc_id > pldd_core.out : lists the libraries loaded by the process
Basic OpenID Connect Flow with major endpoints
OIDC Endpoint | Description | Output | General Endpoint (subject to customization) |
---|---|---|---|
Issuer Endpoint/Base URL | The parent URL, which serves as the base URL for the other endpoints | NA | http://hostname/default |
Authorization Endpoint | Used for authentication by the resource owner | authorization code | /authorize |
Token Endpoint | Used for retrieving the access token | access token | /token |
User Info Endpoint | Used for retrieving claims about the user | user identity information | /userinfo |
Introspection Endpoint | Returns the current status by consuming an access token, refresh token or ID token | true/false | /introspect |
Revocation Endpoint | Acts as the termination point for an access token or refresh token | 200 OK, no tokens returned | /revoke |
Logout Endpoint | Logs out the underlying session on the server | redirects to the configured sign-in or output page | /logout |
Discovery Endpoint | Lists the supported endpoints, supported signing algorithms and locale information | Provider Metadata Endpoint | /.well-known/openid-configuration |

OIDC Endpoint | Input Request | Output Response |
---|---|---|
Authorize Endpoint | `https://server.provider.com/authorize?response_type=code&client_id=222334&redirect_uri=https%3A%2F%2Fclient.test.org%2Fcb&scope=openid%20profile&state=statedata` | `HTTP/1.1 302 Found`<br>`Location: https://client.test.org/cb?code=SplxlOBeZQQYbYS6WxSbIA&state=statedata` |
Token Endpoint | `POST /token HTTP/1.1`<br>`Host: server.provider.com`<br>`Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW`<br>`Content-Type: application/x-www-form-urlencoded`<br><br>`grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA&redirect_uri=https%3A%2F%2Fclient.test.org%2Fcb` | `HTTP/1.1 200 OK`<br>`Content-Type: application/json`<br>`Cache-Control: no-cache, no-store`<br>`Pragma: no-cache`<br><br>`{ "access_token":"SlAV32hkKG", "token_type":"Bearer", "expires_in":3600, "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", "id_token":"eyJ0 ... NiJ9.eyJ1c ... I6IjIifX0.DeWt4Qu ... ZXso" }` |
UserInfo Endpoint | `GET /userinfo HTTP/1.1`<br>`Host: server.provider.com`<br>`Authorization: Bearer SlAV32hkKG` | Custom claims based on scopes:<br>`{ "sub": "222222", "name": "test User", "given_name": "test", "preferred_username": "zelensky", "email": "testUser@provider.com" }` |
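
The client side of the authorization code exchange above, as an added example that is not part of the original notes: it builds the authorize URL, rejects a callback whose `state` or redirect URI does not match what the client sent, and forms the token request body. The endpoint paths and client values reuse the samples from the tables; the function names are illustrative assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Sample values taken from the tables above; function names are illustrative.
ISSUER = "https://server.provider.com"
CLIENT_ID = "222334"
REDIRECT_URI = "https://client.test.org/cb"


def new_state():
    """Unguessable per-login value, stored in the user's session."""
    return secrets.token_urlsafe(32)


def build_authorize_url(state):
    """Step 1: URL that sends the resource owner to /authorize."""
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": REDIRECT_URI,
                       "scope": "openid profile", "state": state})
    return f"{ISSUER}/authorize?{query}"


def handle_callback(callback_url, expected_state):
    """Step 2: accept the 302 redirect only if it is ours and state matches."""
    parts = urlsplit(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        raise ValueError("callback arrived on an unregistered redirect_uri")
    params = parse_qs(parts.query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time compare; a mismatch means this response was not
    # triggered by the login this session started, so the code is discarded.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def build_token_request(code):
    """Step 3: form body for POST /token; redirect_uri must equal step 1's."""
    return urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI})
```

The body from `build_token_request` is sent with the client's `Authorization: Basic` header, as in the Token Endpoint row.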