Version Tested: 2.1.8
CVE Number: CVE-2019-7550
Security Advisories: None
Background
While conducting a penetration test for a customer, I encountered an unused developer forum using JForum version 2.1.8 and started looking for vulnerabilities within the application.
Issue
When creating a new user within the application, the browser sends a GET request to the server to […]

CEH Victory Dance, with bonus hacking!
I completed my Certified Ethical Hacker exam today, so to celebrate, here is a full Boot to Root guide of the Toppo Box on Vulnhub. This was a really fun challenge! First, power up the machine and make sure it can get an IP via DHCP. Next, we’re scanning it with nmap to see what […]

Enterprise Password Security Scores
LogMeIn did a really cool report they’re nicknaming “The State of the Password”, which breaks down a company’s security score by size and industry. They took a census of 43,000 companies to gather all of this data. Here are some highlights of the report:
The bigger the company, the worse the score
This one should […]

Antivirus Bypass Technique
A lot of users think having an antivirus is the silver bullet to all of their security problems. Plot twist: It isn’t. There is a relatively simple way to bypass antivirus and execute code on a remote machine, and the whole process takes less than 30 minutes. First, you need a Kali VM that has […]

Playing in Sandboxes
For researchers getting into malware analysis, or organizations that need somewhere to test suspicious files, sandboxes are a great way to isolate and run potentially malicious attachments or files before letting them get into your network. You can use any of the available cloud services like Cisco’s ThreatGrid, any.run, or Joe Sandbox. The downside to […]

Microsoft Task Scheduler ALPC Exploit
Most times when security researchers need to disclose a vulnerability, they let the company know and wait for them to fix it. @SandboxEscaper did not do that…
Here is the alpc bug as 0day: https://t.co/m1T3wDSvPX I don't fucking care about life anymore. Neither do I ever again want to submit to MSFT anyway. Fuck all […]

Project Update: Homelab gets more stuff
A secret benefactor at GDT saw my efforts to build a really cool lab, and let me borrow a Meraki MX65W, Meraki MS220-8, and an ASA 5506-X. For those of you following along, my lab now includes 3 security appliances, a switch, a VM server, a Raspberry Pi 3, and a wireless router. Actually, 2 […]