
In this article you will learn:

• What File Read (unauthorized reading of files) is, why it is dangerous, and which vulnerabilities may cause it

• How to make sure that we are dealing with this vulnerability during testing

• What the strategies are for exploiting…


Since 2015, when Java deserialization was a major threat, lots of patches and improvements have been introduced. How should you approach testing for Java serialization to achieve the best results? How do you use ysoserial properly? Learn it from the article below.

The article is based on talks I gave recently on…


This is the second part of the “Java RMI for pentesters” article. The first part can be found here, and from it you can learn what Java RMI registries are (I am mainly speaking about non-JMX ones) and how to interact with them.

In the current part we will talk…


This post is a continuation of the first part, in which we discussed two techniques for securing persistent access to a Windows system: through services and through scheduled tasks.

Another location where a backdoor can be hidden is the Windows Registry. The Windows Registry serves as a database for critical system metadata…


The purpose of this article is to explain what RMI interfaces you might encounter during penetration testing of infrastructure. Since the whole topic I’d like to cover is a bit long, I’ve split it into two parts. In the following part, I’ll just briefly explain what RMI…


This article is inspired by a presentation given at the Silesian 1753C meet-up in January 2020. In this and the following parts, I will show you several examples of backdoors on Windows systems, from the simplest to somewhat more unusual ones. A backdoor itself is a kind of hidden channel of access to some digital resource…


One December morning, I was delegated for a “quick” infrastructure test at the customer’s site. There were a lot of different hosts outside while inside there were a lot of Windows hosts entwined in a beautiful AD structure.

After getting inside and taking over the first machine, I realized my…


Introduction

The purpose of this short research was to determine a possible way to escalate from privileged PostgreSQL access to code execution. PostgreSQL is known for its powerful file system interaction capabilities; however, the last version of it on which SQLmap allowed code execution was version 9, which was released before 2017. During…

AFINE

If you’re looking for the good guys who are ready and able to hack you, look no further. We professionally find vulnerabilities before the bad guys do.
