Extract valuable information from binaries with radare2

Preamble

Radare2 is a powerful reverse engineering framework widely used for reverse engineering binaries meant for different architectures. I came across it while dealing with some vulnerabilities of my TENVIS T6812 IP Camera. Later on I started using it on a regular basis for almost everything. I have yet a lot […]

JS Jobs 1.1.6 for Joomla! security issue

Preamble

While preparing a new tutorial on CMS vulnerabilities for Linux User & Developer magazine, I came to find a new vulnerability affecting JS Jobs 1.1.6 and earlier for Joomla!. I reported it to the developers (18/12/2016) and to the VEL list as well. As of this writing, there is still […]

MySQL CVE-2016-6664: Dawid Golunski’s exploit fails and could crash the entire system

Preamble

The root privilege escalation exploit written by Dawid Golunski did not work out-of-the-box on a vulnerable MySQL database server running on WebSecurity Dojo. Although the first exploit (gaining mysql user privileges) did work, after that I could not gain root access by running the shell script designed to exploit CVE-2016-6664:

[…]