Friday, 13 September 2019

Crashing FortiGate VM 6.2.1 - httpd

After about 6-8 months, today I finally found a moment to go back to the idea I discussed with a friend ('Ścisła Dieta Homarowa' aka 'Tylko homary Team' ;)) and "check those VM image(s) for (a few) popular 'network appliances'". That's how I tried to play with my good old friend - Fortinet. :) Here we go...

Sunday, 1 September 2019

Wednesday, 21 August 2019

Wakanda CTF

This time I tried Wakanda CTF prepared by xMagass. Here we go...

ret2libc1 challenge

This time we will check the ret2libc1 challenge. "Practice, practice, practice..." Here we go...

ret2shellcode challenge

I like this kind of challenge so I decided to do another one - ret2shellcode. Here we go...

stackoverflow-intro challenge

This time I decided to check one simple challenge found somewhere among other challenges found on GitHub. We will check stackoverflow-intro (pretty similar to a few cases from Protostar CTF). Here we go...

Symfonos:1 CTF

Today I decided to check Symfonos:1 CTF shared by VulnHub. Here we go...

Monday, 19 August 2019

PicoCTF 2013 - overflow5

This time I tried overflow5 from Pico CTF 2013. Below you will find the details...

Creating evil module for Wordpress

Last time, when I created an 'evil module', we talked about a website based on Drupal. Today we will try to achieve similar results for Wordpress. Here we go...

PicoCTF 2013 - overflow4

This time we will check the overflow4 challenge. Let's do it...

PicoCTF 2013 - overflow3

Let's move directly to part 3 of the "overflow's challenges" from Pico 2013 - overflow3. Here we go...

PicoCTF 2013 - overflow2

Last time we tried to exploit overflow1. Today we will check the next challenge - overflow2. Here we go...

PicoCTF 2013 - overflow1

First overflow1 challenge from PicoCTF 2013. Old but (still) good for practice. ;) Let's do it...

Escalate_Linux:1 CTF

This time I decided to check one of the latest VMs available at VulnHub called Escalate_Linux:1 (by Manish Gupta). Let's go...

Tuesday, 23 July 2019

Friday, 19 July 2019

Protostar CTF - Stack0

I decided to check one old CTF called Protostar (again;)). This time we will try to solve some 'stack challenges'. Let's start from the beginning...

Thursday, 18 July 2019

XSS in Zurmo CRM

If you are already familiar with the last 2 cases [1, 2] we can run our 'new Burp settings' with 'another webapp'. This time let's try Zurmo CRM. Here we go...

XSS in TestLink 1.9.19

Last time we talked about automating Burp scans to find a few more low-hanging fruits during bug hunting. Today we will try to achieve similar results - this time for the latest TestLink (1.9.19 available at Bitnami). Here we go...

XSS in DokuWiki

Last time we talked about DokuWiki when I was checking Bitnami resources. Today I decided to try it again but this time I used Burp Proxy to automate the process of finding bugs in webapps. Here we go...

Monday, 17 June 2019

Unquoted path for CA Deploy Agents

Sometimes during pentest(s) we can find some not-so-usual ports open. A few of them you can find described here or here in the latest posts. But today we will check "that 6600/tcp" port open. Here we go...

Sunday, 9 June 2019

Few more quick tests

Last time I described a small script you can use (or create) during your pentests. Below you will find a little continuation of the paths started last time. So...

Friday, 31 May 2019

Lazy Enlil

Sometimes during pentests we can find pretty similar "environment(s)". By environment - this time - I mean open ports, possible (mis)configuration bugs or default passwords still used to access the target box/app. That's why I decided to start 'something new'...

Thursday, 9 May 2019

Crashing DeviceNet Builder

Below you will find a few details from just another fuzzing session - this time I tried DeviceNet Builder (2.04) from DeltaElectronics. Here we go...

Unquoted path in ActiveFax Server 6.70

Found last week during some 'Windows 7 exercises'... A few details you'll find below...

Crashing Alternate Pic View

This time I decided to check Alternate Pic View. Below you will find a few details. Here we go...

Unquoted path in Softros LAN Messenger

Found last week during some 'Windows 10 exercises'... A few details you'll find below...

Crashing Edraw Max

Below you will find a few details from just another fuzzing session - this time I tried Edraw Max (7.9.3). Here we go...

Thursday, 21 March 2019

Crashing XnView 2.48

Last time when we talked about bugs in XnView I was surprised 'how good' can be the response 'from the Vendor'. But when 'response' is not 'responsible' - responsible disclosure is pointless. So, here we go...

Sunday, 24 February 2019

Saturday, 23 February 2019

Sunday, 17 February 2019

Go! RabbitMQ, go!

After a while I decided to check a few other machines available on Bitnami (and/or TurnKeyLinux). This time - just like before - I used Ubuntu 18 server to re-create the environment and install the 'application' from scratch. Today we will try RabbitMQ

Sleepy - CTF

I woke up again at 3 AM so it was... a good time to finish one of the CTF(s) I started a few weeks ago - this one is called Sleepy ;) . The machine you can find online thanks to the VulnHub Team. Below are a few details from the journey...

Saturday, 9 February 2019

RCE in Enterprise VA MAX

Just like a few times before I was looking for some new VM appliance to check. This time I found "Enterprise VA MAX" prepared by loadbalancer.org. Below you will find a few details about the bug I found in version v8.3.4 (afaik 'latest' one). Here we go...

Thursday, 31 January 2019

Tuesday, 29 January 2019

RCE in Artica

Last time somewhere online I found Kaspersky Proxy Server ISO. It was a little surprise for me when I saw that this 'appliance' is based on Artica Proxy. Below you will find a few details from the journey...

Monday, 28 January 2019

Reading TrendMicro - OfficeScan

When I was googling for some 'new software' (to check it during my simple fuzzing) I found an old installer of TrendMicro OfficeScan. It occurred that we can 'crash the agent app'... Below you will find a few more details...

Wednesday, 16 January 2019

Exploiting BlazeDVD

I wasn't very satisfied after my last case so I decided to check another piece of software. This time I tried to exploit BlazeDVD. Below you will find a few details about it. Here we go...

Saturday, 12 January 2019

Crashing Zelio Soft 2

Yesterday I found the software called Zelio Soft 2. I decided to fuzz it a little bit. Below you will find a few results from the night (24h fuzzing with 1 sample). Here we go...