Clik here to view.
WordPress SQL column truncation vulnerability
This vulnerability has been published some days ago where an attacker could create a duplicated “admin” user and recover the legitimate “admin” password. SQL column truncation is an attacking...
View ArticleSCADA Security
It is interesting to see how security research is a kind of a living being. Almost by nature security rearchers focus their efforts in whatever is more familiar to them, resulting in a vast amount of...
View ArticleClik here to view.
MS vulnerabilities and worms
Time between vulnerability disclosure and worm spread has been drastically reduced. The MS08-067 vulnerability has been published some hours ago. Microsoft rated this vulnerability as critical, as a...
View ArticleClik here to view.
Exploiting SQL injection vulnerabilities with Metasploit
In this post we are going to show how to exploit a SQL injection vulnerability on a web application using Microsoft SQL server backend where xp_cmdshell is available to the attacker. Given a...
View ArticleClik here to view.
CVE-2011-3368 PoC – Apache Proxy Scanner
A recent Apache vulnerability has been made public whereby an attacker could gain unauthorised access to content in the DMZ network: The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42,...
View ArticleClik here to view.
CVE-2011-4107 PoC – phpMyAdmin Local File Inclusion via XXE injection
An interesting local file inclusion vulnerability has been recently published. An XXE (XML eXternal Entity) injection attack, which affects phpMyAdmin 3.4.x previous to 3.4.7.1 and 3.3.x previous to...
View ArticleClik here to view.
FortiOS Remote Access Web Portal – XSS Vulnerability
Overview: Fortinet delivers a comprehensive portfolio of security gateways and complementary products. FortiGate platforms integrate the FortiOSâ„¢ operating system with FortiASICâ„¢ processors and the...
View ArticleClik here to view.
Stacked based MSSQL blind injection bypass methodology
If you have a blind SQL injection you are already in a good position. Exploitation however, depending on the type of the blind SQL injection, can take time. This post is part of a methodology used for...
View ArticleHow easy would it be for a cyber criminal to gain control of a plane in mid-air?
The disappearance of flight Malaysia Airlines MH370 has raised questions about why it is taking authorities so long to find out the aircraft’s location – with lots of people asking ‘why don’t they just...
View ArticleClik here to view.
Reverse Engineer Router Firmware – Part 1
This series will follow the process of reverse engineering router firmware with the purpose of discovering any vulnerabilities that could be used either remotely or locally to compromise the router. In...
View Article
