Recent News
CVE-2020-7247 exploit: LPE and RCE in OpenBSD’s OpenSMTPD
I've written an exploit for the local privilege escalation and remote command execution vulnerability in…
CVE-2019-12180 – ReadyAPI & SoapUI command execution via malicous project file
In early 2019, I had to pentest a couple of SOAP WebServices of a client…
OK Google: bypass the authentication!
During a recent assessment of a voice application we found a very intriguing vulnerability that,…
CVE-2020-7799 – FusionAuth “Apache Freemarker” Code Execution
FusionAuth command execution via Apache Freemarker Template (CVE-2020-7799).
CVE-2020-2696 – Local privilege escalation via CDE dtsession
During my recent audit of Oracle Solaris, undertaken as a weekend project, I inevitably had…
CVE-2020-2656 – Low impact information disclosure via Solaris xlock
A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris…
CVE-2019-3010 – Local privilege escalation on Solaris 11.x via xscreensaver
As previously mentioned, INFILTRATE left me with the will to hack stuff and enjoy it…