Email or username:

Password:

Forgot your password?
halcy​:icosahedron:'s posts Post Back to profile
Top-level
halcy​:icosahedron:

@Gargron it's literally just connecting to every port that you are about and seeing if the computer on the other side replies back

the real issue here is why is a random ass website allowed to open websockets to localhost

20 May 2020 at 21:38 | Open on icosahedron.website
No comments
Eugen Rochko

@halcy Exactly

I don't think the author necessarily meant server port scanning was malicious

Although it is often used to find vulnerabilities so it kind of is

20 May 2020 at 21:41 | Open on mastodon.social
charlag

@halcy @Gargron because reasons?
I remember that js is given no info whatsoever (and especially no status codes) with exact reasoning to disallow port scanning but as article says they still use timing

20 May 2020 at 22:05 | Open on birb.site
Go Up