As I 'promised': Vendor received the details but after all* - to this day - I have no idea what's going on now... No response, no feedback, so "Vendor don't care" in my opinion. Full disclosure.
Tuesday, 12 December 2017
Tuesday, 5 December 2017
During the last few days I tried to rewrite a few parts of modus.py to get results more similar to those described for the 'latest' version of Horde.
TL;DR - we have a new version of modus.py =]
Thursday, 30 November 2017
Ok. Here we go again... During the last few days, after I had the pleasure to receive some 'results' from the CVE Team (1,2,3), I decided that it should be a good ('enough';]) idea to create a small 'poc script' (again) to automate a little bit the process of 'finding bugs' (for example: like those mentioned in the CVE's reference(s)). Below you will find a few details collected after a few days of 'research' and pinging the Vendors...
Monday, 20 November 2017
This time I decided to sit for a while with Horde Groupware (5.2.19). A “ready to go” virtual machine can be found at Bitnami’s webpage (big thanks!) so using for example VirtualBox – you can set all things up very quickly. Below you will find a few publicly disclosed bugs found during the last few days...
Friday, 17 November 2017
Thursday, 16 November 2017
Last time we saw a few bugs found in the latest ManageEngine Applications Manager 13. Today I decided to publish another 6 (so called ;] '0day') exploits (found between 6-7.11.2017). Details below...
Sunday, 5 November 2017
This morning I decided to start some new "challenge" related to webapp pentesting. That's how I found the latest version of ManageEngine Applications Manager. (You can grab a copy here.) Below you will find some 'results'...
Sunday, 29 October 2017
Wednesday, 25 October 2017
In the meantime, just like before, I was playing a little bit with Kaspersky Endpoint Security 10 for Windows 10. New results from the 'night fuzzing session' you will find below...
A few weeks ago during some pentest I found that the tested Fortinet appliance is sometimes restarting... I wasn't sure about the reason so I decided to contact Fortinet's PSIRT directly. Patch is ready so below you will find a few details about it. Enjoy...
Monday, 23 October 2017
When I was reading descriptions of bugs at VulDB I found that there is an SQL injection vulnerability in Zabbix (<2.2.13 and <3.0.4). I decided that it will be a good exercise to write a small proof-of-concept for that bug. Below you'll find results...
Wednesday, 11 October 2017
Monday, 9 October 2017
During the last few days I had the pleasure to learn a little bit more about heap exploitation in Linux. I decided that it will be a good moment to take a look at ProtostarCTF. Below you will find a few details about it...
Thursday, 28 September 2017
During the last few days I was preparing for another CTF competition. As a warm-up I decided to do a(nother;)) quick autopsy, this time of an old bug found in Proftpd - described as CVE-2006-6563. Below you will find some results...
Thursday, 7 September 2017
Monday, 4 September 2017
Friday, 18 August 2017
According to the story posted yesterday, below you will find a quick&dirty proof-of-concept module for Metasploit. Big thanks goes to Mehmet for his research. Poc is based mostly on his work.
Thursday, 17 August 2017
Monday, 14 August 2017
Monday, 7 August 2017
Saturday, 5 August 2017
Wednesday, 2 August 2017
Tuesday, 25 July 2017
Thursday, 6 July 2017
Thanks to Malekal’s page (just like before) I was able to "read" some (more) malware(s). Below you will find a few details about one "new" (for me) case (afaik dated to 2015) I had a chance to check…
Tuesday, 20 June 2017
Tuesday, 30 May 2017
Monday, 29 May 2017
Saturday, 27 May 2017
As it was mentioned in my last post related to Napalm and Testlink bug(s), you probably saw there 'few other started modules'. As we can say that those 'bugs' are only 'features' I decided to publish them all. Below: uploading a shell for the latest Concrete5 CMS (8.1.0).
Thursday, 11 May 2017
Hi, in my last post you probably saw some ("started") modules for TestLink... So, yeah, below you will find some details about one of the bug(s) I found during tests related to (last available version of) TestLink (1.9.16) - thanks goes to Bitnami for preparing VM. So...
Monday, 8 May 2017
I started creating the code based on ideas from a wrapper I created some time ago. Another tool – similar to this one – is of course grabash but here, I decided to change the approach of the tool to the idea grabbed from the eternalblue-paper – targeted attacks.