
OpenCATS PHP Object Injection to Arbitrary File Write

Introduction OpenCATS is an application tracking system that is written in PHP. More about OpenCATS can be seen here: https://www.opencats.org/. OpenCATS is vulnerable to PHP Object injection, by ...

PHP Object Injection Exploitation Notes

Notes I’ve written and collected about PHP Deserialization Introduction serialize and unserialize Serialization functions are commonly used within software to store data to a file, a memory buff...

Code Security Advent Calendar 2020 Answers

SonarSource is a company focused on code quality and static analysis. This year, SonarSource, along with RIPS Technologies, will be tweeting code challenges from real world vulnerabilities on their ...

Writing AngularJS Security Semantic Rules using Semgrep

AngularJS Security is something I have looked into in the past. In 2016, I conducted a workshop on AngularJS Security in MWR’s MWRICON which highlighted some common security issues and how they cou...

Demystifying HTTP request smuggling

This is a cross post of the blog post written here: https://snyk.io/blog/demystifying-http-request-smuggling/. Often at my role as a Security Analyst within Snyk, I study trends within the dependenc...

Webhacking.kr Solutions

This blog post contains a walk-through of https://webhacking.kr/ wargames which was recommended to me by a friend. Level 1 The following can be seen in level 1. The source code of the backend ...

Patching Zip Traversal within pclzip

Recently I went hunting for Zip traversal vulnerabilities within the PHP ecosystem. While looking at well known PHP ZIP dependencies, I noticed that both pclzip and zipper were vulnerable to trave...

DomGoat Walkthrough

DOM-based Cross site Scripting (XSS) is a type of XSS where user input is written to a web page’s Document Object Model without proper sanitization. This could be abused by an attacker to manipulat...

Exploit Education - Nebula Walkthrough

This blog post contains a walkthrough of Nebula provided by Exploit Education. Nebula is a vulnerable ISO which has a variety of Linux privilege escalation vulnerabilities. Some of these vulnerabil...

Common XSS payloads I use

Common XSS Tricks I use This post contains a common list of XSS payloads I tend to use most often. Taken from the internet, the origin of most of these payloads is unknown but they are often sh...