Monday, 31 December 2018

Reading firmware - Foscam

A few months ago - as you probably remember - I started a section related to 'reading firmwares'. A few results from the journey have already been published on the blog (for example: 1, 2, 3). In September I found another firmware, this time related to Foscam, and this is what I found inside...

Sunday, 30 December 2018

Saturday, 29 December 2018

Sedna CTF

After the last VM I decided to check another one - this time prepared by Viper, called Sedna. You will find more details here, shared thanks to VulnHub. Here we go...

Wednesday, 26 December 2018

Crashing VLC 3.0.4

This time I decided to prepare some quick fuzzing case(s) for the latest VLC (version 3.0.4 for 24.12.2018@01:24). Below you will find a few details...

Tuesday, 25 December 2018

Crashing CANOpen Builder

Last time we talked about a few bugs found in ISPSoft and DCISoft. Today we will check the crash for CANOpen Builder by Delta Electronics. Here we go...

Crashing FantaMorph

Last time during the fuzzing we were able to crash DCISoft. This time we will check a few bugs found for FantaMorph 5.4.8. Here we go...

Monday, 24 December 2018

Wednesday, 19 December 2018

Crashing ISPSoft

A few days ago I decided to fuzz, a little bit, one piece of software available on the Delta Electronics web page. This software is called ISPSoft and you can find it here. Below are a few quick results...

Sunday, 9 December 2018

Pentesting AD - enumeration

Last time we prepared some small "AD environment". This time we'll try to 'enumerate AD' to get some useful information about the target. Here we go...

Thursday, 22 November 2018

Learning routers - part 2

It's been a while since I last checked router firmware(s) ('officially' ;] anyway... ). Today we will try to prepare a "working environment" again, but this time we will use buildroot to do that. Here we go...

Wednesday, 21 November 2018

Matrix - CTF

Last time I had the pleasure of checking one of the latest CTF VMs shared by Vulnhub, called Matrix. So let's see if there is no spoon... ;) Here we go...

Tuesday, 6 November 2018

Freshly CTF

This time I decided to check one of the CTFs prepared by TopHatSec and shared here - thanks to VulnHub. Below you will find notes from the journey. Here we go...

Sunday, 21 October 2018

Misconfigured Redis

One of the categories of VMs available on Bitnami was tagged as #database. I decided to check Redis this time. My goal was to install it on a clean Ubuntu 18 server and configure it as 'vulnerable'. Let's say it will be our small 'vulnerable Redis Lab' ;) Here we go...


Thursday, 4 October 2018

OpenLDAP - from XSS to RCE

Today I was using the OpenLDAP VM from TurnKeyLinux (version 1.2.3 - available here). After I found a small bug (postauth stored XSS) I was wondering how I could use it during my 'pentest'. Below you will find an example.

Here we go...

Sunday, 30 September 2018

Node:1 - CTF

Hi. It's been a while... since I last tried to play a CTF. So I decided to try the next one available online thanks to VulnHub. Let's try Node:1 CTF. Here we go...

Wednesday, 19 September 2018

Saturday, 15 September 2018

Few cracking notes

After a while I decided to go back to resources from crackmes.de (mirror I found here).
As usual, my main goal was to understand ASM (more) and (finally) print the 'congratulation' message. Let's try to do it... :)

Saturday, 8 September 2018

DLL Injection - part 1

Over the last weekend I was looking for some possible scenario(s) for a DLL injection case I wanted to solve. Below are a few details about it...

Tuesday, 28 August 2018

Featuring Trac

I was wondering what's new on Bitnami and if there is any new VM I can try. There is! :) That's how I found the Trac VM. Below, just a quick story from that webapp and the 'feature' ;) (not a bug) I tried to exploit there... Here we go.

Crashing FreePlane

Below you will find a few crashes for the latest FreePlane (1.6.15 32bit). Found a few weeks ago (~10.08.2018) during one fuzzing session. Enjoy...

Wednesday, 15 August 2018

Tuesday, 14 August 2018

venome.sh - simple msfvenom "generator"

Sometimes I'm looking for a quick file to check the possibility of a reverse shell... This time I prepared a small bash script to speed it up ;) Maybe you will find it useful...

PwnLab: init - CTF

Hi. It's been a while since I tried to play CTFs, so below you'll find a quick review of the one I found one time at VulnHub. Let's do it...

Sunday, 5 August 2018

Updating XnView

As far as I remember, a few days after the "last" CTF from VulnHub posted here, I decided to check an interesting photo viewer called XnView. Below you will find a few details...

Friday, 3 August 2018

Sample fuzzing automation

Below you will find a few notes from a sample (and simple ;)) "fuzzing automation". It is not rocket science but maybe you will find it useful...

Tuesday, 31 July 2018

Crashing nmap 7.70

Last time we saw nmap 7.60 (Kali) crash during a (let's say;)) quick scan of one target machine from VulnHub. Today I decided to check if I would achieve similar results for version 7.70. You will find the details below...

Sunday, 29 July 2018

Crashing nmap 7.60

As you probably know, sometimes I try to play CTFs from VulnHub. During one game I found that nmap 7.60 (default install on Kali) was acting "weird" (read: presenting SIGSEGV ;]). Below you will find a few details...

CVE-2018-6892 quick autopsy

After a pretty busy week I decided to take a break and ... check some updates from Beyond Security Blog. I assumed it would be a good idea to check it on the VM. Here we go...

Saturday, 21 July 2018

Reading malware - your sister

In the meantime I decided to check again if there is something 'new' in the logs from one of the honeypots I decided to run some time ago. Below you will find a few details from the journey...

Tuesday, 17 July 2018

in.security - CTF

Over the last weekend I found a few 'new' (for me) CTFs on Vulnhub. After the last two I decided to try another one ;] This time I tried the game called "in.security". Here we go...

Zorz - CTF

When Quaoar CTF was finished I decided to try another one - this time I tried ZorZ CTF prepared by TopHatSec. Thanks to VulnHub you can find this machine available here. Here we go...

Quaoar - CTF

Over the last weekend I had the pleasure of checking a few more CTFs hosted by VulnHub. This time we will check out "Quaoar". Big thanks this time go to @ViperBlackSkull who prepared the game. Let's play...

Tuesday, 10 July 2018

Exploiting Monstra CMS 3.0.4

Last time when I tried a HackTheBox CTF I found that one of the machines has Monstra CMS installed. Because I found that a few bugs are already publicly disclosed for that CMS[1,2,3] I decided that it would be a good idea to do another "quick autopsy"... Here we go.

Saturday, 7 July 2018

Nineveh: v0.3 - CTF

Lately I had a chance to check a 'new' CTF from VulnHub, described as a part of HackTheBox Lab. Below you will find a few notes about it. Thanks to Yas3r - this time we will try Nineveh: v0.3.
Let's go.

Tuesday, 26 June 2018

Exploiting CyberArk 10.2.1.603

Some time ago I found a few bugs in CyberArk (version 10.2.1.603). I think that because all of them are 'for logged-in users only' - maybe you will find it useful. ;) A few details below...

Csharp: VulnJson - CTF

Below you will find some notes from Csharp: VulnJson - another nice CTF hosted by VulnHub. This time we will try to exploit SQL injection via JSON. Let's do it...

Monday, 25 June 2018

Fiddler Bug - case 01

One day I started Fiddler in a different way than usual. Below you will find a few notes about it... ;]

billu b0x - CTF

When I was waiting for the results from john from the last post I decided to run another VM with a new CTF box. This time I tried "billu: b0x" - a machine prepared by Manish Kishan Tanwar. I started from...

Crashing Photoshop CS3

Last time when I was fuzzing I had the pleasure of finding a few bugs in one IBM product... This time you will find a few similar bugs but for Adobe Photoshop CS3. A portable version is available somewhere online, so let's get to the details...

Sunday, 27 May 2018

Make free the VLC

A few weeks ago (after some small talk about the VLC bugs I found in the past) I was asked to 'check' the "new version" of VLC (3.0.1). As far as I'm concerned there is already version 3.0.2, so I think it's a good time to drop a few notes about the results of one month of fuzzing. Here we go...

Sunday, 29 April 2018

Few bugs in latest Nagios XI 5.4.13

As you probably already know, from time to time I try to work on a small and simple Python script called modus.py[1,2]. It's also fun to run some VM in the background (for example with some webapp - like Bitnami's VM collection [3,4,5]) and start to do a blackbox test to find some cases for future analysis... This time below you will find a few results for the 'latest' Nagios XI - 5.4.13. Here we go...

OwlNest - CTF

During the last few days I tried to solve another CTF from VulnHub. This time I decided to try OwlNest prepared by Swappage. Below you will find a few notes about the game. Let's play...

Thursday, 8 March 2018

Kevgir CTF

Just like before I found another nice CTF on VulnHub - this time called Kevgir and prepared by CanYouPwn.Me. Below you will find a quick writeup for solving this challenge. Let's go...

Wednesday, 7 March 2018

Mr Robot CTF

Today I had time to check the Mr-Robot CTF created by Leon Johnson. It was a pretty cool CTF, you should definitely try it. :] Below you will find the details about how I solved it. Here we go...

Monday, 5 March 2018

Dina CTF

When the Gibson was done I had time to check another great CTF hosted by VulnHub. This time the game was prepared by Touhid Shaikh - thanks! :] Below you will find a few details showing how I solved this challenge. Here we go...

Sunday, 4 March 2018

Gibson CTF

Last time when I was looking for a job 'HR' told me that "I'm not good enough" to hack their planet. Well. This time we will try the Gibson CTF (prepared like before by knightmare). "We will show them Lucy...!" ;]

Saturday, 3 March 2018

Droopy CTF

In the middle of the other games available at VulnHub I found the new one I decided to try. This time we will work with Droopy CTF provided by knightmare (thanks!). Here we go...

Hints and notes to CTF pentests

Sometimes when I'm playing CTFs I'm using 'a few commands and/or tools' to automate the job a little bit. Below you will find a few notes about it. Maybe you will find it useful... Enjoy.

Thursday, 1 March 2018

DC416 - Fortress - CTF

Last weekend I tried another cool CTF from VulnHub - DC416 Fortress. This time the game was prepared by VulnHub CTF Team. Below you will find my solutions to all the challenges. Let's go...

Monday, 29 January 2018

Post-auth SQL injection in FreePBX

Last time I found a new cool CTF (you will find it at VulnHub) I would like to play. This time it will be something related to some VoIP scenario... Ok. I decided that it would be a good idea to take a break for a moment and check the 'latest' available ISO for FreePBX ;]

Because of some problems (VirtualBox and SNG7-PBX-64bit-1712-2) I tried the 'historical' version: 10.13.66-32bit. Below you will find results (related only to the SQL injection bug I found...

Saturday, 27 January 2018

Brainpan2 - CTF

After I finished playing Pegasus I started the next VM with a CTF called "Brainpan:2". The game was prepared by superkojiman. Thanks to VulnHub you can find it hosted here. Let's play...

Friday, 26 January 2018

Tuesday, 23 January 2018

Bulldog - CTF

Last time when I tried a CTF from VulnHub it was (as usual;]) very cool. That's why I think today is a good time to try another one. This time we will check Bulldog CTF by Nick Frichette (thanks!).
Let's start from the beginning...

Tuesday, 16 January 2018

Fuzzing ArcSight 6.x - 01 - ArcSoloBug.exe

I think it is some kind of an old-ancient exe 'still available' after the default installation... Anyway. A few details below. Maybe you will find it useful...