InfoSec Blog

thezero

Security Researcher and Senior Penetration Tester at Shielder.
In the office I’m the one with the soldering iron.

NotSoSmartConfig example run

By thezero

20/04/2020

NotSoSmartConfig: broadcasting WiFi credentials Over-The-Air

Security analysis of the SmartConfig procol by Espressif and publishing of the NotSoSmartConfig tool, able to retrieve WiFi credentials from a PCAP.

Read more

IoT Exploit ESP32 SmartConfig

4

Min

XXE to RCE via XML file opening

By thezero & zi0black

24/10/2019

Don’t open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, …

The LSP4XML library used by many IDE and editors was affected by an XXE which lead to RCE exploitable by just opening an XML file.

Read more

RCE XXE Exploit Writeup

6

Min

OpenStack's noVNC XSS

By thezero

19/10/2019

Exploiting an old noVNC XSS (CVE-2017-18635) in OpenStack

OpenStack was using an old version of noVNC affected by a DOM-based XSS that allowed attackers to steal VM tokens and take over VMs.

Read more

XSS Exploit Writeup

4

Min

Webtech Usage

By thezero

08/03/2019

WebTech, identify technologies used on websites

Release of WebTech, a tool for RECON during Penetration Tests that scan websites and identify technologies and frameworks in use.

Read more

Web Tool

2

Min

Frida

By thezero

04/02/2019

FridaLab – Writeup

Writeup for the FridaLab challenge with a basic introduction to the Frida toolkit on Android.

Read more

CTF Tutorial Writeup Android Frida

3

Min