Channel: Shielder
Browsing latest articles
Browse All 27 View Live

SOLUTION Seeweb Hacking Contest 2017: Music Of The Atoms

From Monday 15 May 2017 at 10:00 to Wednesday 31 May 2017 at 10:00, Seeweb's hacking contest took place, and we had the honour of taking part. For this edition too, we...

FridaLab – Writeup

Today I solved FridaLab, a playground Android application for playing with Frida and testing your skills. The app is made of various challenges, with increasing difficulty, that will guide you through...

WebTech, identify technologies used on websites

Introduction We’re very proud to release WebTech as open-source software. WebTech is a Python software that can identify web technologies by visiting a given website, parsing a single response file or...

Nagios XI 5.5.10: XSS to #

Tl;dr A remote attacker could trick an authenticated victim (with “autodiscovery job” creation privileges) into visiting a malicious URL and obtain a remote root shell via a reflected Cross-Site Scripting...

Exploiting Apache Solr through OpenCMS

Tl;dr It’s possible to exploit a known Apache Solr vulnerability through OpenCMS. During one of my last Penetration Tests I was asked to analyze some OpenCMS instances. Before the assessment I wasn’t...

Exploiting an old noVNC XSS (CVE-2017-18635) in OpenStack

TL;DR: noVNC had a DOM-based XSS that allowed attackers to use a malicious VNC server to inject JavaScript code inside the web page. As OpenStack uses noVNC and its patching system doesn’t update third...

Don’t open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, …

TL;DR LSP4XML, the library used to parse XML files in VSCode-XML, Eclipse’s wildwebdeveloper, theia-xml and more, was affected by an XXE (CVE-2019-18213) which led to RCE (CVE-2019-18212) exploitable...

NotSoSmartConfig: broadcasting WiFi credentials Over-The-Air

During one of our latest Penetration Tests we tested an IoT device based on the ESP32 SoC by Espressif. While assessing the activation procedure we faced for the first time a beautiful yet dangerous...

1-click RCE on Keybase

TL;DR Keybase clients allowed sending links in chats with arbitrary schemes and arbitrary display text. On Windows it was possible to send an apparently harmless link which, when clicked, could...

Sometimes they come back: exfiltration through MySQL and CVE-2020-11579

Let’s jump straight to the strange behavior: up until PHP 7.2.16 it was possible by default to exfiltrate local files via the MySQL LOCAL INFILE feature through the connection to a malicious MySQL...
