Latest Tweets

It’s so dark, that it is not even implemented (yet) Part I

DIME and MAGMA

DIME has been publicized a lot since last January. I’ve been reading the specs document (from 2015) and I have cloned the git repository in order to compile and test MAGMA, their open source server. This server, at least in theory, implements SMTP, IMAP, HTTP, MOLTEN, DMTP and […]

Extract valuable information from binaries with radare2

Preamble

Radare2 is a powerful reverse engineering framework widely used for reverse engineering binaries meant for different architectures. I came across it while dealing with some vulnerabilities of my TENVIS T6812 IP Camera. Later on I started using it on a regular basis for almost everything. I have yet a lot […]

Js Jobs 1.1.6 for Joomla! security issue

Preamble

While preparing a new tutorial on CMS vulnerabilities for Linux User & Developer magazine, I came to find a new vulnerability affecting JS Jobs 1.1.6 and earlier for Joomla!. I reported it to the developers (18/12/2016) and to the VEL list as well. As of this writing, there is still […]