2022-02-22
Unauthenticated LFI in Appwrite 0.5.0 <= 0.12.1
While exploring cyberspace I stumbled upon a project called Appwrite. Looked interesting, started browsing the code. Eventually, I discovered an undisclosed vulnerability in one of the endpoints allowing an attacker to read local files on the system. The …
2021-11-01
Overwriting HttpOnly cookies with JavaScript
So I got in contact with Sam Anttila on Twitter regarding his article about overwriting HttpOnly enabled cookies using JavaScript, which should not be possible. I asked him if he had verified if Firefox exhibits the same behavior. He answered yes and the …
2020-04-20
Technical Analysis Of The Necr0 Python Malware
I recently got hold of a malware sample written in Python that dropped cryptocurrency miners, among other things. It was built with Python 2.7 and was heavily obfuscated. I decided to analyse it and try to break it apart to understand it better and its …
2020-01-27
SLAE 7: Creating your own crypter using golang
In this article, we will build a simple crypter for encrypting and decrypting shellcode. I chose to implement the crypter in Go using environmental keys. I will not spend time implementing a fancy shellcode execution method in this article, only encryption …
2020-01-26
SLAE 6: Creating polymorphic shellcode
The goal of this article is to create polymorphic versions of three different shellcodes from http://shell-storm.org. Polymorphic shellcode has the ability to mutate its code every time it runs. The instructions change while the algorithm stays intact. The …
2020-01-25
SLAE 5: Analyzing shellcode generated by msfvenom
In this article, I will analyse three shellcode samples generated by msfvenom, specifically: linux/x86/read_file, linux/x86/adduser, linux/x86/shell/reverse_tcp. msfvenom --list payloads -a x86 --platform linux Let’s see if there is something new we can …