smaury

A Journey From sudo iptables To Local Privilege Escalation

In this post, we demonstrate two techniques allowing a low privileged user to escalate their privileges to root in case they can run iptables and/or iptables-save as

Bref Security Audit

Bref Security Audit, sponsored by Amazon Web Services (AWS), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.

How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale

Learn how to decrypt Manage Engine Password Manager Pro (PMP) passwords after exploiting CVE-2022-35405.

1-click RCE on Keybase

Keybase client allowed inject arbitrary links with arbitrary protocols. This caused a Remote Command Execution on Windows and MacOS.

Exploiting Apache Solr through OpenCMS

Exploiting a known XXE in Apache Solr through OpenCMS handleSolrSelect, to read arbitrary files from the OpenCMS' server.

SOLUZIONE Seeweb Hacking Contest 2017: Music Of The Atoms

Soluzione del CTF Hacking Contest 2017: Music Of The Atoms di Seeweb. Scopri come risolvere tutte le challenge del #SeewebContest

SOLUZIONE HiB CTF 2017 Spring Edition

Soluzione del CTF di HackInBo 2017 Spring Edition 2017. Scopri come risolvere tutte le challenge!

CTF – Hands off my money

Dimostra la tue abilità da hacker per completare la CTF di Shielder e vincere fantastici premi dal 22 Aprile 2016 13:37 GMT al 06 Maggio 2016 13:37 GMT.

Analisi Documento Word con Macro malevole

Come funziona un Trojan: analisi di un Documento di Word contenente Macro Malevole.

Meglio insicuri che erroneamente protetti

Come un sistema di protezione mal progettato può diventare un ottimo vettore d'attacco.