Monday, 17 June 2019

Unquoted path for CA Deploy Agents

Sometimes during pentest(s) we can find some not-so-usual ports open. A few of them you can find described here or here in the latest posts. But today we will check "that 6600/tcp" port open. Here we go...

Sunday, 9 June 2019

Few more quick tests

Last time I described a small script you can use (or create) during your pentests. Below you will find a little continuation of the paths started last time. So...

Friday, 31 May 2019

Lazy Enlil

Sometimes during pentests we can find pretty similar "environment(s)". By environment - this time - I mean open ports, possible (mis)configuration bugs or default passwords still used to access the target box/app. That's why I decided to start 'something new'...

Thursday, 9 May 2019

Crashing DeviceNet Builder

Below you will find a few details from just another fuzzing session - this time I tried DeviceNet Builder (2.04) from DeltaElectronics. Here we go...

Unquoted path in ActiveFax Server 6.70

Found last week during some 'Windows 7 exercises'... A few details you'll find below...

Crashing Alternate Pic View

This time I decided to check Alternate Pic View. Below you will find a few details. Here we go...

Unquoted path in Softros LAN Messenger

Found last week during some 'Windows 10 exercises'... A few details you'll find below...

Crashing Edraw Max

Below you will find a few details from just another fuzzing session - this time I tried Edraw Max (7.9.3). Here we go...

Thursday, 21 March 2019

Crashing XnView 2.48

Last time when we talked about bugs in XnView I was surprised 'how good' the response 'from the Vendor' can be. But when 'response' is not 'responsible' - responsible disclosure is pointless. So, here we go...

Sunday, 24 February 2019

Saturday, 23 February 2019

Sunday, 17 February 2019

Go! RabbitMQ, go!

After a while I decided to check a few other machines available on Bitnami (and/or TurnKeyLinux). This time - just like before - I used Ubuntu 18 server to re-create the environment and install the 'application' from scratch. Today we will try RabbitMQ.

Sleepy - CTF

I woke up again at 3 AM so it was... a good time to finish one of the CTF(s) I started a few weeks ago - this one is called Sleepy ;) . The machine you can find online thanks to the VulnHub Team. Below are a few details from the journey...

Saturday, 9 February 2019

RCE in Enterprise VA MAX

Just like a few times before I was looking for some new VM appliance to check. This time I found "Enterprise VA MAX" prepared by loadbalancer.org. Below you will find a few details about the bug I found in version v8.3.4 (afaik 'latest' one). Here we go...

Thursday, 31 January 2019

Tuesday, 29 January 2019

RCE in Artica

Last time somewhere online I found a Kaspersky Proxy Server ISO. It was a little surprise for me when I saw that this 'appliance' is based on Artica Proxy. Below you will find a few details from the journey...

Monday, 28 January 2019

Reading TrendMicro - OfficeScan

When I was googling for some 'new software' (to check it during my simple fuzzing) I found an old installer of TrendMicro OfficeScan. It turned out that we can 'crash the agent app'... Below you will find a few more details...

Wednesday, 16 January 2019

Exploiting BlazeDVD

I wasn't very satisfied after my last case so I decided to check another piece of software. This time I tried to exploit BlazeDVD. Below you will find a few details about it. Here we go...

Saturday, 12 January 2019

Crashing Zelio Soft 2

Yesterday I found the software called Zelio Soft 2. I decided to fuzz it a little bit. Below you will find a few results from the night (24h fuzzing with 1 sample). Here we go...