by Philippe Arteau | Jul 16, 2019
Last month, we presented at Hack In Paris (France) a XML External Entities (XXE) exploitation workshop. It showcase methods to exploit XXE with numerous obstacles. Today, we present our method to exploit XXEs with a local Document Type Declaration (DTD) file. More...
by Benoit Cote-Jodoin | Jul 3, 2019
Some time ago; we published a blog about jenkins-fsb, a preconfigured Jenkins instance for efficiently using the plug-in, Find Security Bugs. In that blog post, there was an indication about multiple vulnerabilities having been found but not disclosed. Well, today we...
by Louis Dion-Marcil | Apr 3, 2018
Update: A new blog post has been published as a follow up to this article : ESI Part 2: Abusing specific implementations. Abusing Caching Servers into SSRF and Client-Side Attacks While conducting a security assessment, we noticed an unexpected behavior in the markup...
by Philippe Arteau | Mar 22, 2017
At the moment, Java deserialization vulnerabilities are becoming well known by vendors and attackers. Nevertheless, pentesters will still encounter these types of vulnerabilities. The low-hanging fruits can be identified with the current tools. Most of the available...
by Ian Bouchard | Apr 27, 2016
Update: A follow-up article was published on the detection and the reverse-engineering of those binary web shells. In this article, we will be looking at a new exploitation technique using the default OPcache engine from PHP 7. Using this attack vector, we can bypass...
FR