Nick Fox

/Nick Fox

About Nick Fox

Nick is a penetration tester living in Oxford, Ohio. His passions include hacking, participating in capture-the-flag (CTF) competitions, and programming.

CVE-2019-7629: RCE in an Open Source MUD Client

CVE-2019-7629: RCE in an Open Source MUD Client A few weeks ago I took the Corelan Advanced class and when I came back, I started poking at some open source projects that I personally use. It was a great exercise and I ultimately ended up with my first CVE. I was a little disappointed I [...]

By |2019-03-01T14:08:37+00:00February 18th, 2019|Categories: InfoSec, Vulnerabilities|0 Comments

Shells in Your Serial – Exploiting Java Deserialization on JBoss

Shells in Your Serial - Exploiting Java Deserialization on JBoss Background I read a fantastic write-up by Stephen Breen of FoxGlove Security earlier this month describing a vulnerability, present in several common Java libraries, related to the deserialization of user input. His post goes fairly in depth into how the vulnerability works, so [...]

By |2019-02-05T12:17:46+00:00November 18th, 2015|Categories: InfoSec|9 Comments