Category Archive for "MaXe"

WordPress TimThumb Exploitation

muts

One of the biggest blogging platforms, which can easily be extended with vulnerable addons, to support a variety of functions – From CMS’s to pretty much anything. Within some web applications, themes may contain variables that refer to dynamic elements, while in others like WordPress – Insecure PHP files used for caching and resizing images, are surprisingly quite common.

Read More

vbSEO – From XSS to Reverse PHP Shell

muts

XSS is not a big deal, or is it? On many occasions, I’ve seen this vulnerability being classified as useless, not serious, and being a low threat. What I’ve always had in mind is that it’s only the capabilities of…

Read More

vBulletin – A Journey Into 0day Exploitation

muts

The popular vBulletin software is generally a quite secure forum application if you exclude the minimal amount of vulnerable addons. However, when new features are occasionally included, such as Profile Customization, a new vulnerability might be born.

Read More

Finding 0days in Web Applications

muts

Most zero-day exploits in web applications are usually easier to find, study, and attack than actual services like a webserver due to the fact that a hacker does not need to create shellcode, debug the service over and over or…

Read More

Joomla Automated Exploitation

muts

Joomla Automated Exploitation – Most people know or have heard about Joomla. It’s probably the only CMS with the most exploits and vulnerable addons ever made, and sometimes I wonder who creates all these. That however, isn’t important. What matters…

Read More

vBulletin – Not So Secure Anymore

muts

Some time ago, an LFI vulnerability within vBSEO was discovered, which allowed an attacker to include locally hosted files. The challenge, when confronted with an LFI vulnerability, is to leverage it into executing arbitrary code of our choosing.

Read More