piątek, 27 marca 2020

Creating poc for preauth Symantec Web Gateway RCE

Last time we talked about postauth RCE bug I found in Symantec Web Gateway. Today we'll try to find few more bugs - this time for unauthorized users. Here we go...

czwartek, 26 marca 2020

Postauth RCE in Symantec Web Gateway

Last time I decided to check Symantec Web Gateway (version I tried was 5.0.2.8). Below you will find few notes from the journey. Here we go...

czwartek, 19 marca 2020

Creating poc for NagiosXI 0day

I see you liked the 'NagiosXI series' ;) so I prepare a quick step-by-step tutorial for you. Reader will be able to create his/her own working poc for the 0day bug(s) described here. Here we go...

środa, 18 marca 2020

sobota, 14 marca 2020

piątek, 13 marca 2020

Postauth SQLi in latest NagiosXI 5.6.11

Yesterday I found that latest NagiosXI (5.6.11) is vulnerable to multiple (postauth) XSS bugs. Today I decided to continue the research to find out if I will find some other bug(s). Below you will find the details. Here we go...

środa, 11 marca 2020

Nagios 5.6.11 XSS'd

Because today most of time I was in a train... most of time I spent on checking latest Nagios XI (5.6.11) VM. :) Below you will find few notes about it. Here we go...

poniedziałek, 9 marca 2020

sobota, 7 marca 2020

Playing games with Games

Few days ago it was heavily raining so "inspired" ;) with the all grey buildings outside the window I decided to play some games. Below you will find few notes about it. Here we go...

poniedziałek, 24 lutego 2020

czwartek, 20 lutego 2020

Bug bounty scam program

I think now it's time to finaly write few words about the one 'bug bounty' program I had a 'pleasure' to try. Today we will talk about HackerOne platform. Below few details about why (in my opinion) this is scam. Here we go...

sobota, 15 lutego 2020

Exploiting Dolibarr 11

This time I tried to check one of the ERP/CRM software available on the market. I decided to try latest version of Dolibarr from Bitnami resources (. Below you will find few notes about it. Here we go...

piątek, 14 lutego 2020

Escaping from the Fort - quick CVE-2017-14187 autopsy

I don't know how many times I was wondering how can I get a binary of httpsd from the Fortinet device(s). Last time I tried again using some 'new approach'. ;) Below you will find few notes. Here we go...

poniedziałek, 10 lutego 2020

Trying harder...

It is not a secret anymore that last week I achieved OSCP certificate. So for all of you who still want to get it too - below few words "from me". ;) Here we go...

piątek, 31 stycznia 2020

niedziela, 26 stycznia 2020

Stack overflow for beginners - part 2

In the meantime I decided to check (again) some cases related to buffer overflow bugs we can find during CTF(s). This time we will talk about buffer overflows in x64 architecture. Few notes you'll find below. Here we go...

niedziela, 19 stycznia 2020

Me and My Girlfriend - CTF

Today I decided to try one of the latest CTFs from VulnHub called 'Me and My Girlfriend'. ;) Below you will find the details. Here we go...

piątek, 10 stycznia 2020

Shared Windows - quick pentest notes


Today I tried to prepare a short list for few ‘quick paths’ to escalate in Windows - from low-privileged user to the Admin (or NT AUTHORITY\SYSTEM). Below you will find the details. Here we go...

Hacker Fest 2019 CTF

Few days ago I decided to try some new CTF(s) available at VulnHub. This time I player "Hacker Fest 2019" prepared by Martin Haller. Below you will find the details. Here we go...

niedziela, 5 stycznia 2020

Fax and Scan from Win7 to Win10

Last time I was doing some new little experiments with procmon.exe. In the meantime I decided to look around more deeper in c:\windows\system32 directory. Below you will find few details from the journey. Here we go...