Sunday, 29 October 2017

Microsoft Outlook 2016 - RW/RA Crash

Below I will present 2 bugs from the last fuzzing session with Microsoft Outlook 2016. The vendor was notified about those bugs. Just like before (1, 2, 3, 4), here you will find some details...

Wednesday, 25 October 2017

Night fuzzing session - Kaspersky10 on Windows 10 - part 2

In the meantime, just like before, I was playing a little bit with Kaspersky Endpoint Security 10 for Windows 10. You will find new results from the 'night fuzzing session' below...

Patch your Fortinet - CVE-2017-14182

A few weeks ago, during a pentest, I found that the tested Fortinet appliance was sometimes restarting... I wasn't sure about the reason, so I decided to contact Fortinet's PSIRT directly. The patch is ready, so below you will find a few details about it. Enjoy...

Monday, 23 October 2017

ZBX-11023 quick autopsy

When I was reading descriptions of bugs at VulDB, I found that there is an SQL injection vulnerability in Zabbix (<2.2.13 and <3.0.4). I decided that it would be a good exercise to write a small proof-of-concept for that bug. Below you'll find the results...

Protostar CTF - format0 - walkthrough

Next challenge from Protostar CTF. This time we will check format0. Let's get to work!

Protostar CTF - heap3 - walkthrough

Final (heap3) challenge from ProtostarCTF - solved. Details about it below...


Wednesday, 11 October 2017

Monday, 9 October 2017

Protostar CTF - heap1 - walkthrough

In our last challenge we were able to overwrite the pointer of winner(). Let's see if we can exploit heap1, also available in ProtostarCTF. Details below...


Protostar CTF - heap0 - walkthrough

During the last few days I had the pleasure of learning a little bit more about heap exploitation in Linux. I decided that it would be a good moment to take a look at ProtostarCTF. Below you will find a few details about it...