On 04/08/2013 04:43 PM, Jeffrey Walton wrote: > You might also check to see if the session identifier changes between > sessions. If not, GitHub may be using static session IDs, which means > they could be guessable.
Well, at least the first 103 (there are 303) characters are static. But I think that it will take you at least twice the age of the universe to guess that ID. Regards, _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
