Delegate 2 Thyself
Posted on Tue 17 March 2020 in Active Directory • Tagged with active directory, infrastructure, windows, delegation
Abusing Users Configured with Unconstrained Delegation
Posted on Sun 15 March 2020 in Active Directory • Tagged with active directory, infrastructure, windows, delegation
Active Directory Reconnaissence - Part 1
Posted on Wed 12 February 2020 in Active Directory • Tagged with active directory, reconnaissence, infrastructure, windows
Android Basics
Posted on Sun 16 August 2015 in Mobile Hacking • Tagged with android, mobile, reverse engineering
Authenticated Stored XSS in TangoCMS
Posted on Thu 19 March 2015 in Web Hacking • Tagged with web, xss
Demonstrating to possibilities of exploiting an authenticated stored XSS vulnerability
Continue reading
CSRF In BigTree CMS
Posted on Sun 08 March 2015 in Web Hacking • Tagged with web, csrf, responsible disclosure
A cross site request forgery vulnerability that existed in BigTree CMS version <= 1.4.5
Continue reading
Hacking FoeCMS
Posted on Sun 08 March 2015 in Web Hacking • Tagged with web, sql injection, xss, smtp injection, insecure authentication, remote code exection
A hacking session against the open source FoeCMS where a number of vulnerabilities were found
Continue reading
A Web Hack
Posted on Sun 08 February 2015 in Web Hacking • Tagged with web, sql injection, password cracking, file upload, path disclosure, xss, python
Improving The ROP Exploit
Posted on Wed 14 January 2015 in x86-32 Linux • Tagged with exploit development, linux, 32bit, fuzzing, buffer overflow, rop
Adding to the last return orientated programming exploit by using a few more advanced ROP techniques
Continue reading
Beating ASLR and NX using ROP
Posted on Sun 11 January 2015 in x86-32 Linux • Tagged with exploit development, linux, 32bit, fuzzing, buffer overflow, rop
Using return orientated programming to beat both address space layout randomization and never execute on 32bit Linux
Continue reading