Last month I found a stored XSS vulnerability in the popular WordPress security plugin iThemes Security. I have since then been emailing back and forth with them, and they have now released a version which fixes the issue.
It was really a nice experience working with them, and they kept me updated on every part of the process.
After the new version was out, I wrote an advisory which is published on securitysucks.info.
I wrote this for securitysucks.info
In this article we will have a look at the info sec community and why so many of today’s hackers suck. Skids are nothing new. They are everywhere! They can be your neighbor, in your family, your class. No matter where you look, someone is a possible skid.
I wrote this for securitysucks.info
The past days I have been playing around with command injection vulnerabilities when grep is used in web applications in combination with user-controlled input, and possible ways to bypass different filters etc. In this article I will write about what I have found.
“Why?!”, you may ask. The reason why I decided to spend time on this is because, when searching for command injection on Google, most of the examples that come up are about pinging hosts and very little about other methods.
I have been reading the book “The Hacker Playbook”, which recommends some additional tools to what Kali Linux already comes with. There are quite a few additional tools as well, and it’s a pain in the ass to do it all manually. So I decided to make a bash script to automate the process.
Continue reading Kali Linux additional tools setup
This post is a part of my “Today’s Learning’s” series. If you’re interested in, or wonder why, I’m writing these posts, please read my article named “My Journey Through 2015”.
So! Another day, more learning. Today has been a really good day for me. I’m still working on the Protostar Stack exercises, and this time I learned about how to do basic debugging of shellcode by using the opcode for the INT3 debugger trap instruction. Also learned how to bypass No-eXecute (NX) protection using the return to libc (ret2libc) method, and more…
Continue reading Today’s learning’s – More overflows, ret2libc, opcode and more
Welcome to the first article in my “today’s learning’s” series. Last night and today I have been working on the Stack exercises in Protostar from exploit-exercises.com. So far I’ve solved Stack 0 through 3. These exercises cover the basics of the stack-based buffer overflow vulnerability, and each exercise teaches you something new about it.
Even though they all have individual goals, I have set one goal myself, which is to gain a root shell as well as solving it as first intended.
Continue reading Today’s learning’s – Buffer overflow, gdb, and more
Ok, so I started off 2015 telling everyone that this year I would spend as much time outside of my comfort zone as possible, and study parts of security that I have never taken the time to explo(it|re). With this in mind, and the wish to take the OSCP next year, I decided to use the PWK syllabus as my curriculum.
Continue reading My journey through 2015
It’s sad to say, but the reality these days is that you can never feel safe anywhere. Not even online chatting with your friends. There are several default configurations that help disclose sensitive information about you and the system you are running. This information can be of great value to malicious users. So in this article I will describe some steps you can take to feel a tiny bit more safe.
Continue reading Installing, configuring and hardening Weechat on Linux
This article is a part of my file inclusion series. If you do not know about the file inclusion vulnerability, I suggest you read my introductory article on the topic.
In this article I will explain how we, in some scenarios, can use different types of logs on a server to gain remote execution and, in the end, shell access. This method is called log poisoning, and is the process of infecting a log file with malicious code. We can then use local file inclusion to load this code and execute arbitrary commands on the system.
This post is an extension of an old blog post I wrote which is now dead. So I’m bringing it back to life.
Continue reading 0x03 File Inclusion – Log poisoning to code execution
This is a really quick update, just to show that the blog is not dead. Finally things are slowing down around here. No longer living in a maze of cardboard boxes and plastic bags, and Christmas is over. It’s been a hectic month, but now I’ve finally got time to sit down and work on my blog.
I’ve written some more on part 3 of my file inclusion series, and I expect to post it very soon, hopefully tomorrow.
I hope everyone has had a great Christmas, and enjoyed the holiday with family and good friends.