Blog posts

Hello world

7/10/22

Welcome to QuerciaLabs! We are dedicated to exploring, exploiting and improving everything related to Computer Science. Be sure to follow us using RSS link to get live updates from our blog. Why another blog We wanted to be famous on Hacker News, then we thought it was a nice move to contact one of their mods. We asked where we could post our website for showcasing services. This was the answer. – Read more

Practical Approach on Securing Web Sessions

7/10/22

One student sent us an email and asked “why most of websites implements a session id that seems to be a content hashed?”. Well, it’s important to discuss at this time why protecting session id must be done, and how it is evolved. The obligatory disclaimer: like any security advice from someone who does not know the specifics of your own system, this is for educational purposes only. Information security is a complex and very specific area and if you are concerned about the security of your system you should hire an expert that can review your system along with a threat analysis and provide the appropriate advice. – Read more

The old useless DOS header of Windows PE

7/10/22

When we open native windows executables in a hex-editor we can notice that almost all of them contains strange “This program cannot be run in DOS mode” text at the beginning of the file. The original purpose on this text and surrounding it small MS-DOS program, called MS-DOS stub is to print message to the user and then exit if the .exe file is run from under MS-DOS. All values in both MS-DOS file header and in PE headers are stored using little-endian convention. – Read more