CVE-2020-7247 exploit: LPE and RCE in OpenBSD’s OpenSMTPD
I've written an exploit for the local privilege escalation and remote command execution vulnerability in…
CVE-2019-12180 – ReadyAPI & SoapUI command execution via malicous project file
In early 2019, I had to pentest a couple of SOAP WebServices of a client…
OK Google: bypass the authentication!
During a recent assessment of a voice application we found a very intriguing vulnerability that,…
CVE-2020-7799 – FusionAuth “Apache Freemarker” Code Execution
FusionAuth command execution via Apache Freemarker Template (CVE-2020-7799).
CVE-2020-2696 – Local privilege escalation via CDE dtsession
During my recent audit of Oracle Solaris, undertaken as a weekend project, I inevitably had…
CVE-2020-2656 – Low impact information disclosure via Solaris xlock
A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris…
CVE-2019-3010 – Local privilege escalation on Solaris 11.x via xscreensaver
As previously mentioned, INFILTRATE left me with the will to hack stuff and enjoy it…
Remote Desktop tunneling tips & tricks
During a recent pentest, we got access with weak credentials to a Windows machine via…
Copyright © 2000-2020 @Mediaservice.net S.r.l.
Scroll Up ↑