Hack The Forum - Recent Posts

What is Asterisk?

Voice Expert — Thu, 14 May 2026 16:23:45 +0000

Asterisk is an open-source software framework used to build and run communication systems—especially telephone systems—over a computer network.

Asterisk turns a computer into a PBX (Private Branch Exchange)—basically a phone system for businesses or individuals. It lets you:

Make and receive calls over the internet (VoIP)
Set up extensions (like office phone numbers)
Create voicemail systems
Build interactive voice menus (“Press 1 for sales…”)
Route calls automatically

Key features

Voice over IP (VoIP) support
Call recording
Conferencing (group calls)
IVR (interactive voice response)
Integration with other apps (CRM systems, databases)

To configure the Policy Based Routing in Cisco Catalyst Switch

Techie — Sat, 09 May 2026 17:52:50 +0000

I have to configure the default routing for the specific source and remaing source have to sent the traffic via other route. How can we do the configuration of the policy based routing in Cisco Catalyst switches.

How to Decrease Space Between Bullet and Text in Word ?

Techie — Sat, 09 May 2026 16:09:15 +0000

How to Decrease Space Between Bullet and Text in Word ?

What is session-based authentication?

kajal — Thu, 07 May 2026 17:40:09 +0000

Session-based authentication is a traditional method where the server stores the user’s login state, and the browser keeps only a session identifier (usually in a cookie).

Difference between CSRF and SSRF?

kajal — Thu, 07 May 2026 17:38:50 +0000

Feature	CSRF	SSRF
Full Form	Cross-Site Request Forgery	Server-Side Request Forgery
Target	Victim user/browser	Vulnerable server
Attack Uses	Victim’s authenticated session	Server’s network access
Request Origin	User browser	Backend server
Goal	Force user action	Make server access internal/external resources
Requires Logged-in User?	Usually Yes	No
Main Exploit	Trust in browser cookies	Trust in server-side URL fetching
Impact	Unauthorized actions	Internal network scan, cloud metadata theft, RCE
Common Protection	CSRF tokens, SameSite	URL validation, network restrictions

Difference between CSRF and XSS

kajal — Thu, 07 May 2026 17:38:08 +0000

Both are common web security vulnerabilities, but they attack web applications differently.

Feature	CSRF	XSS
Full Form	Cross-Site Request Forgery	Cross-Site Scripting
Main Goal	Force user to perform unwanted action	Execute malicious JavaScript in victim browser
Exploits	Trust in authenticated user session	Trust in user input
Requires Victim Logged In?	Usually Yes	Not always
Uses JavaScript Injection?	No	Yes
Main Target	Server actions	User/browser
Attacker Needs	Victim session cookie	Input injection point
Can Steal Cookies?	No	Yes (unless HttpOnly)
Typical Impact	Unauthorized actions	Session hijacking, credential theft
Main Protection	CSRF token, SameSite cookie	Input sanitization, CSP, output encoding