2022-02-22

Unauthenticated LFI in Appwrite 0.5.0 <= 0.12.1

While exploring cyber space I stumbled upon a project called Appwrite. Looked interesting, started browsing the code. Eventually, I discovered an undisclosed vulnerability in one of the endpoints allowing an attacker to read local files on the system. The …



2021-11-01

Overwriting HttpOnly cookies with JavaScript

So I got in contact with Sam Anttila on Twitter regarding his article about overwriting HttpOnly enabled cookies using JavaScript, which should not be possible. I asked him if he had verified if Firefox exhibits the same behavior. He answered yes and the …



2020-04-20

Technical Analysis Of The Necr0 Python Malware

I recently got a hold of a malware sample written in Python that dropped cryptocurrency miners, among other things. It was built with Python 2.7 and was heavily obfuscated. I decided to analyse it and try to break it apart to understand it better and its …



2020-01-27

SLAE 7: Creating your own crypter using golang

In this article, we will build a simple crypter for encrypting and decrypting shellcode. I chose to implement the crypter in Go using environmental keys. I will not spend time implementing a fancy shellcode execution method in this article, only encryption …



2020-01-26

SLAE 6: Creating polymorphic shellcode

The goal of this article is to create polymorphic versions of three different shellcodes from http://shell-storm.org. Polymorphic shellcode has the ability to mutate its code every time it runs. The instructions change while the algorithm stays intact. The …



2020-01-25

SLAE 5: Analyzing shellcode generated by msfvenom

In this article, I will analyse three shellcode samples generated by msfvenom, specifically: linux/x86/read_file, linux/x86/adduser and linux/x86/shell/reverse_tcp.

msfvenom --list payloads -a x86 --platform linux

Let’s see if there is something new we can …