Gianluca Baldi | @Mediaservice.net Technical Blog

CVE-2019-12180 – ReadyAPI & SoapUI command execution via malicous project file

On 4 Feb, 2020
By Gianluca Baldi

In early 2019, I had to pentest a couple of SOAP WebServices of a client and, as usual, I requested them some example requests as a baseline for my analysis.…

CVE-2020-7799 – FusionAuth “Apache Freemarker” Code Execution

On 27 Jan, 2020
By Gianluca Baldi

FusionAuth command execution via Apache Freemarker Template (CVE-2020-7799).

From XML External Entity to NTLM Domain Hashes

On 2 Feb, 2018
By Gianluca Baldi

During this article I will show how it is possible to obtain NTLM password hashes from a Windows Web Server by chaining some well-known web vulnerabilities with internal network misconfigurations.…

Posts by: Gianluca Baldi

CVE-2019-12180 – ReadyAPI & SoapUI command execution via malicous project file

CVE-2020-7799 – FusionAuth “Apache Freemarker” Code Execution

From XML External Entity to NTLM Domain Hashes