2009
OAuth: 2009.1
by nhoizey
A session fixation attack against the OAuth Request Token approval flow (OAuth Core 1.0 Section 6) has been discovered.
2007
2005
MD5 Dictionary Attacks - iBlog - Ilia Alshanetsky
by nhoizey (via)
The principal used here is a dictionary attack; the operators of the site build a reasonably large, 12 million & counting, database of hashes and their corresponding values. All you need to do is specify a hash and if they got it in their database in less a then a second you get to see its corresponding value
1
(3 marks)
