Newsletter 23/05/2023
This machine hosts a web application that creates PDF documents with a tool vulnerable to command injection, which leads to Remote Code Execution (RCE). From there, we can find plaintext credentials to switch to another user. This user has sudo permissions to run a Ruby script that is vulnerable to insecure YAML deserialization, which can be used to execute commands as root.
Cross-Site Search. Bypass Same-Origin Policy for exfiltration
HTTP and DNS traffic analysis. PowerShell. AES cipher
Android dynamic analysis. HTTP traffic. IDOR
Android. Certificate pinning. API Monitor
DES. Padding Oracle Attack
CBC Bifid cipher
Homomorphic encryption. XOR cipher. AES cipher. Brute force
pickle internals. Python jail