Friday, 29 April 2016

Another DoS in MS Publisher 2010

During last week I found few more NULL ptrs in MS Office Publisher (2010 for Windows 7).




Mail me if you want the poc (I already sent it to MS 3 months ago).

Maybe later I will post more details. For now it looks like a DoS only.

Cheers ;)

Thursday, 3 March 2016

BrokenWebapps - CTF writeup

When I was looking for a new CTF, I found interesting website with multiple CTFs ISO and VM images, prepared (vulnerable) to hack. I decided to try OWASP Project called BrokenWebapps (VM I’ve tried was OWASP_Broken_Web_Apps_VM_1.2).

I prepared the VM and started another one (this time with Kali2.0 – both on VirtualBox). As far as I know, we can treat this VM as a big WWW server, hosting multiple webpages.


Sunday, 27 December 2015

Joomla CVE-2015-7857 writeup

(I wrote this as a 'note' in 14.12.2015 but in case that all information are already public,
below you will find proof of concept and little write-up for vulnerability described in this CVE.)


Saturday, 26 December 2015

New version of Lime Survey

As far as I know LimeSurvey is already updated, so below you will find all described vulnerabilities I found nearly 2 months ago during some small 'code review' exercises.

Response from LimeSurvey Team was very fast! :)

Found: 4.11.2015
Sent:    5.11.2015
Resp:   5.11.2015

AFAIK all findings were fixed in 48h. So... here we go:

Saturday, 24 October 2015

[EN] SOAP testing

During one of last projects I needed to test some webservices.

I was wondering: if I can do it with Burp or by manual testing,
maybe I can also write some quick code in python...

And that's how I wrote soapee.py:


Friday, 2 October 2015

My Java SIGSEGV's

During couple of last days I was checking lcamtuf’s American Fuzzy Lop against some (“non-instrumented”) binaries. 

I was wondering, what will happen if I will run it against Java… ;)

I was looking for some sources, but unfortunately I wasn’t able to find any. Next thing was checking where I have Java installed (so I will know what/where I can check. Kind of ‘test lab’ was: Ubuntu 12, Kali Linux, WinXP, Win7. (Exact version of Java installed on that OS’s you will find below.)

Friday, 19 June 2015

[EN] Social engineering attacks during conference in Katowice

Thanks for watching and all questions during this conference ;)

It was a great energy!

More details: http://www.tuv-nord.com/pl/pl/aktualnosci-436-1921.htm

See you next time.


o/


Wednesday, 27 May 2015

SQLI in e107 CMS

During last few weeks in the middle of time I was doing also some source code review.
That's how I found sqli bug in admin panel in e107 CMS. After a fast response from e107 Team,
fix was created.

This bug was found in e107_2.0_full_beta1 version. I don't know if other versions are also vulnerable.

Details about the vulnerability (even when it's in admin panel) will not be published for now.

Stay in touch. ;)


Monday, 25 May 2015

[EN] Browser exploitation during CybercomDev conference - Updated

During this weekend I gave my first formal security presentation at CybercomDev in Poland.
I was talking about use-after-free exploits, fuzzing and browser exploitation.
Thank you for watching and support ;)


* Currently this presentation is available only on demand.

* Update - 16.07.2015 *
Video (PL) is available here. Thank's Kenis. ;)


See you next time! ;)

o/





Tuesday, 28 April 2015