I do not know if this fits here very well but as long as some of simpleSAMLphp users are using Apache over Windows I have thought that this information could be useful.
It has been shown that due to the way that Apache binds to port 80 in Windows environments, it is possible from a php program hosted in an Apache Server in Windows to gain access to any traffic being sent to the server. I attach a more detailed explanation and a video showing a proof of concept:
Posts
No comments:
Post a Comment