Wednesday, October 9, 2024

Waiting for The Hack Summit 2024

In recent years I had the pleasure of presenting a few of my notes and ideas at The Hack Summit conference in Poland. This year I'll try to say a few words about a new topic - more related to Ghidra. So, as a quick summary of previous years, below you'll find a 'current timeline'. ;) Here we go...

Tuesday, July 30, 2024

Automating Network Pentests with Metasploit and Ruby

This time we'll continue the journey started in the previous post to create a small 'semi-automated' tool to perform some 'basic' network pentests. For this case we'll focus (mostly;)) on CVE-2021-20039 for SonicWall SMA. Here we go...

Wednesday, July 24, 2024

Reading Nmap Log In Ruby

From time to time during pentests we use nmap to scan the target host(s). Today we'll try to read nmap's log using Ruby. Below you'll find a few details about it. Here we go...

Sunday, April 21, 2024

Few notes from CTF@CIT

This weekend I had a moment to read what's new at CTFTime and that's how I found CTF@CIT prepared by HACK@CIT. Below you'll find a few notes about it. Here we go...

Tuesday, April 16, 2024

Postauth SQLi in Centreon 23.10-1.el8

Similar to the previous notes about hunting bugs in Centreon, a few weeks ago I prepared a new lab to test the 'current/latest' version of this webapp. Below you'll find the details. Here we go...

Saturday, January 6, 2024

Healthy PostAuth RCE in FortiADC 7.4.0

A few weeks ago, when I was playing a bit with Fortigate machines, I decided to check the FortiADC VM (downloaded here). After a while I found an interesting "feature" that can be used to achieve ('limited' AFAIK ;)) postauth RCE. Below you'll find a few notes about it. Here we go...

Wednesday, December 6, 2023

The Hack Summit 2023 - Online presentation

This year I had the pleasure of presenting a few of the topics from my research at The Hack Summit conference in Poland [1, 2, 3]. This time we (mostly;)) talked about one preauth RCE bug I found in ConQuest DICOM server (1.5.0d). Below you'll find more details about it. Here we go...