poniedziałek, 16 stycznia 2017

Bug in ab from Apache 2.2.22

Some time ago I found that ab from Apache can be crashed by malformed CLI arguments. Below few notes about it.

Read more »
Posted by at Brak komentarzy:
Labels: , , ,

niedziela, 15 stycznia 2017

Upload shell to phpMyAdmin

Yesterday I was reading about some vulnerabilities found in phpMyAdmin. I decided to create my own poc for uploading shell to PMA.

Read more »
Posted by at Brak komentarzy:
Labels: , , ,

piątek, 13 stycznia 2017

GeniXCMS SQL Injection quick autopsy

After my last CTF I found one new SQL injection in CMS called GeniXCMS. Below few details about the bug.

Read more »
Posted by at Brak komentarzy:
Labels: , , , ,

Kvasir CTF - Writeup


Man. I played few CTFs in my life. But this one, to be honest, was one of the best I’ve ever tried…;) Have fun.
Read more »
Posted by at Brak komentarzy:
Labels: , , , , ,

piątek, 6 stycznia 2017

Automated scans with OpenVAS and Kali - part 3

For all of those who liked my post about automating scans with OpenVas in Kali Linux, below I prepared a new version of the poc. Maybe you will find it useful too. ;)

Read more »
Posted by at Brak komentarzy:
Labels: , , , ,

czwartek, 5 stycznia 2017

Few bugs in TestLink

During one of my latest project, I was asked to analyze a security of one web server.


Read more »
Posted by at Brak komentarzy:
Labels: , , , ,
Subskrybuj: Posty (Atom)