Collaborate Disseminate
Here is the proof of concept of the code:
<?php
$input=$_GET[‘input’];
print preg_replace(‘/[A-DH-M0-9._%+-]+@(.+)\.[A-Z]{2,4}/mADsex’, ‘strtoupper(“\\1”)’, $input);
?>
I don’t quite understand what the filter does, … Continue reading Understanding preg_replace Filtering & Exploitation
Publicly known “magic string” lets any site run malicious code, no questions asked. Continue reading Cisco’s WebEx Chrome plugin opens 20 million users to drive-by attacks
I think in a PHP file upload it is a best practice to store files outside of the document root with a randomly generated file name and telling the server to make them non-executable, so the file will not be executed by an attempt to access… Continue reading Changing file extensions in PHP file upload to prevent code execution?
Apple released a massive update for macOS Sierra on Tuesday to address 72 vulnerabilities in the operating system. Continue reading Apple Fixes 97 Vulnerabilities Across macOS, iTunes, Safari, iCloud
Given a demo system for a fair which is based on SAP. Our application has a bug which cannot be fixed easily, at least not in time for the fair. The workaround is to give the users of the demo SAP_ALL access rights.
SAP_ALL… Continue reading With SAP_ALL access rights, can someone run an executable on the SAP server?
A local, race condition vulnerability in the af_packet implementation in Linux was patched this week. The bug allows a local attacker to execute code or crash a server. Continue reading Old Linux Kernel Code Execution Bug Patched
A local, race condition vulnerability in the af_packet implementation in Linux was patched this week. The bug allows a local attacker to execute code or crash a server. Continue reading Old Linux Kernel Code Execution Bug Patched
The BSD libc library was updated recently to address a buffer overflow vulnerability that could have allowed an attacker to execute arbitrary code.
Continue reading Buffer Overflow in BSD libc Library Patched
Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts. Continue reading Critical Vulnerability Patched in Roundcube Webmail
Suppose the following situation: You’re doing a black-box pentest. You found that the customer runs software X and X has a remote code execution vulnerability, but the nature of this code execution is that stderr and stdout c… Continue reading Verify "blind" code execution works