Newsletter 12/12/2022

Custom encryption using AES and XOR. Bad padding implementation

RSA known bits. Coppersmith method. LLL lattice reduction

GraphQL batching attack. OTP and rate limit bypass. JWT. CSP. DOM Clobbering. XSS

seccomp rules. Differential encoding

PHP and JavaScript deobfuscation. Disc image inspection

Functional programming in Haskell. z3 solver

64-bit binary. Buffer Overflow. ret2libc

64-bit binary. Buffer Overflow. ret2libc

64-bit binary. Heap exploitation. Use After Free. Fast Bin attack

Directory Traversal. Local File Read. JWT. Broken Access Control. SSRF. Command Injection. RCE