niedziela, 21 października 2018
Misconfigured Redis
One of the category of VMs available on Bitnami was tagged as #database. I decided to check Redis this time. My goal was to install it on clean Ubuntu 18 server and configure as 'vulnerable'. Let's say it will be our small 'vulnerable Redis Lab' ;) Here we go...
sobota, 20 października 2018
Stored XSS in Dolibarr 8.0.2
Last time I found few XSS bugs in Dolibarr ERP/CRM (version 8.0.2) available at Bitnami. Maybe you will find it useful...
czwartek, 4 października 2018
OpenLDAP - from XSS to RCE
Today I was using OpenLDAP VM from TurnKeyLinux (version 1.2.3 - available here). After I found some small bug (postauth stored XSS) I was wondering how can I use it during my 'pentest'. Below you will find an example.
Here we go...
Here we go...
Subskrybuj:
Posty (Atom)