@Mediaservice.net Technical Blog

Recent News

CVE-2018-14665 exploit: local privilege escalation on OpenBSD 6.3 and 6.4

CVE-2018-14665 exploit: local privilege escalation on OpenBSD 6.3 and 6.4

This is my take on the recent Xorg vulnerability (CVE-2018-14665): "A flaw was found in…

From query manipulation to password extraction

From query manipulation to password extraction

Recently, I analyzed an AngularJS web application that executed queries on the backend in a…

CVE-2017-10271: Oracle WebLogic Server Remote Command Execution – Sleep detection payload

CVE-2017-10271: Oracle WebLogic Server Remote Command Execution – Sleep detection payload

Recently we faced a version of Oracle WebLogic vulnerable to CVE-2017-10271. The issue can be exploited…

Brida – A step-by-step user guide

Brida – A step-by-step user guide

Hi! Today we will take a step-by-step tour on how to use Brida. We…

From XML External Entity to NTLM Domain Hashes

From XML External Entity to NTLM Domain Hashes

During this article I will show how it is possible to obtain NTLM password hashes…

How a UNIX hacker discovered the Windows PowerShell

How a UNIX hacker discovered the Windows PowerShell

*** EDIT (2018-03-12): This script served me very well during these last months and I've finally…

A patch for PowerSploit’s Invoke-Shellcode.ps1

A patch for PowerSploit’s Invoke-Shellcode.ps1

In my recent and somewhat surprising exploration of Windows PowerShell (stay tuned for a longer…

In praise of tactical exploitation

Having honed my skills during the X.25 and Phreaking era, I've always been a vocal proponent…