Introduction to Security Class (BSY), FEL, Czech Technical University

I’ve recently been working on some exciting development projects, including a deep dive into archive extraction. During this work, I discovered some fascinating behaviours that I’m thrilled to share with you in the following sections.

In this post, we demonstrate two techniques allowing a low privileged user to escalate their privileges to root in case they can run iptables and/or iptables-save as

A writeup of my $4133.70 Google Drive vulnerability chain.

a post going over 4 exploits for CVE-2024-20017, a remotely exploitable buffer overflow in a component of the MediaTek MT7622 SDK.

Create tar/zip archives that try to exploit zipslip vulnerability. - nodyhub/zipslipper

Introduction Every company establishes processes to identify security vulnerabilities, prioritize them, develop solutions, and, in some cases, strategically accept risk either temporarily or permanently. Security exceptions are closely tied to vulnerability…

Are you tired of compromising your privacy and security when sharing files online? What if there was a way to transfer data that was not only secure and efficient but also put you in complete control? Imagine a file sharing solution that combines cutting…

Let me scan it, what could possibly go wrong?

In a world increasingly reliant on secure digital communications, it’s surprising to learn that many countries, including those in critical sectors such as healthcare and industrial control systems (SCADA), still use outdated pager networks like POCSAG for…

After attending the OST2 – Exp4011 […]

CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability Deep-Dive and Indicators of Compromise. This blog details a hardcoded credentials vulnerability which allows an unauthenticated attacker to read and modify all help desk tickets.

Summary A vulnerability in the Nortek Linear eMerge E3 allows remote unauthenticated attackers to cause the device to execute arbitrary commands. Credit An independent security researcher working with SSD Secure Disclosure Vendor Response The vendor has been…

The protocol that is used by the WatchGuard Single Sign-On (SSO) agent to communicate with the respective client services is neither encrypted, nor authenticated. The unprotected information that is communicated is used to decide which firewall rules should…

Original file ‎(SVG file, nominally 1,000 × 1,000 pixels, file size: 9 KB)

Summary A vulnerability in the Nortek Linear eMerge E3 allows remote unauthenticated attackers to cause the device to execute arbitrary commands. Credit An independent security researcher working with SSD Secure Disclosure Vendor Response The vendor has been…

Uncover hidden subdomains: Boost your cybersecurity, validate digital assets, and supercharge your pen testing. Find every subdomain linked to any website.

In this blog, we’ll dive into how Heartbleed works, the vulnerable code and how to exploit it.

Introduction Hello Folks, Today I am providing an all-encompassing OSCP preparation guide containing the advice and resources I wish I had when I started this path towards the OSCP. If you have any questions relating to OSCP preparation or anything else,…