niedziela, 29 marca 2020

Pentesting Zen Load Balancer - quick tutorial

Last time we talked about Zen Load Balancer few weeks ago. Yesterday I decided to check it again to find something similar and maybe create a little tutorial. Below you will find the details. Here we go...

piątek, 27 marca 2020

Creating poc for preauth Symantec Web Gateway RCE

Last time we talked about postauth RCE bug I found in Symantec Web Gateway. Today we'll try to find few more bugs - this time for unauthorized users. Here we go...

czwartek, 26 marca 2020

Postauth RCE in Symantec Web Gateway

Last time I decided to check Symantec Web Gateway (version I tried was 5.0.2.8). Below you will find few notes from the journey. Here we go...

czwartek, 19 marca 2020

Creating poc for NagiosXI 0day

I see you liked the 'NagiosXI series' ;) so I prepare a quick step-by-step tutorial for you. Reader will be able to create his/her own working poc for the 0day bug(s) described here. Here we go...

środa, 18 marca 2020

sobota, 14 marca 2020

piątek, 13 marca 2020

Postauth SQLi in latest NagiosXI 5.6.11

Yesterday I found that latest NagiosXI (5.6.11) is vulnerable to multiple (postauth) XSS bugs. Today I decided to continue the research to find out if I will find some other bug(s). Below you will find the details. Here we go...

środa, 11 marca 2020

Nagios 5.6.11 XSS'd

Because today most of time I was in a train... most of time I spent on checking latest Nagios XI (5.6.11) VM. :) Below you will find few notes about it. Here we go...

poniedziałek, 9 marca 2020

sobota, 7 marca 2020

Playing games with Games

Few days ago it was heavily raining so "inspired" ;) with the all grey buildings outside the window I decided to play some games. Below you will find few notes about it. Here we go...