Vulnerabilities

/Vulnerabilities

Latest Vulnerabilities

CVE-2019-7629: RCE in an Open Source MUD Client

CVE-2019-7629: RCE in an Open Source MUD Client A few weeks ago I took the Corelan Advanced class and when I came back, I started poking at some open source projects that I personally use. It was a great exercise and I ultimately ended up with my first CVE. I was a little disappointed I [...]

By |2019-03-01T14:08:37+00:00February 18th, 2019|Categories: InfoSec, Vulnerabilities|0 Comments

Bypassing WAFs with JSON Unicode Escape Sequences

Bypassing WAFs with JSON Unicode Escape Sequences This blog post will discuss how I was able find a blind SQL injection, analyze a WAF, find a JSON unicode escape bypass, and then automate the bypass by writing a sqlmap tamper script. SQLi Identification WAF Analysis Bypass Identification Tamper Script SQLi Identification The particular payload that [...]

By |2019-02-05T12:17:45+00:00December 20th, 2018|Categories: InfoSec, Vulnerabilities|0 Comments

EXE Hijacking in Git Bash for Windows

TLDR; Git Bash for Windows 1.x will execute any file named "git.exe" in the current directory when accessing the Windows context menu Discovery I was researching some old DLL hijacking vectors recently. Specifically, I was looking at the Metasploit module exploit/windows/browser/webdav_dll_hijacker. I wanted to see if this old 2010 exploit would work with Windows 8 [...]

By |2019-02-05T12:17:45+00:00October 30th, 2016|Categories: Vulnerabilities|1 Comment

Referer Redirection and Its Inconspicuous Danger

Referer Redirection and Its Inconspicuous Danger Recently I noticed some peculiar behavior on web application. I observed that in certain situations, the webpage would openly redirect to the ‘Referer’ header defined in the request. In this particular instance, the web application required some data from the user to perform that page’s function. When that data was not present, [...]

By |2019-02-05T12:17:45+00:00August 23rd, 2016|Categories: InfoSec, Vulnerabilities|0 Comments