Hi everybody, today I’ll talk about the pseudo-tty idea I had and why I decided to stop the development of that module. ReGeorg ReGeorg is a module that could be applied to multiple languages, it is made so that you will be able to proxy a TCP connection through a script. The …
Hi, today a really quick article about Amazon Web Services and the way it operates. Quick summary EC2 servers are Amazon’s equivalent of dedicated servers, while S3 are considered as buckets and are used to store files (it operates as a CDN). While on those instances, a metadata server is available at that address: http://169.254.169.254/latest/meta-data/hostname Accessing …
Phew, so I just spent my whole day debugging a supposed RCE I got during an assessment. I’ll talk in this article about what happened and how I managed to debug a faulty plugin. Long story short So, I won’t explain how I got access to the admin page for obvious reasons but what …
Hi everybody, today I’ll do an article about a method to debug a Navio2 drone, and some basic recalibration and configuration you can do. Creating a connection between the drone and a ground control First of all, you’ll have to set up some connections between the drone and the ground control. To do so, I will …
Hi everybody, today I’m a little bit late but I’ll do a final article about Tapestry. I’ll write about the form system since I spent a little bit of time auditing it. How does it work? The framework will send a parameter to add to each form (as a hidden form value), which will act …
Hi, today I’ll continue my exploration of Apache Tapestry a little bit. Here’s what I learned today. General architecture of Tapestry Tapestry presents itself as a way to code web applications with object-oriented programming. It means that when you set up a “page” in Tapestry, you won’t have to think in terms of requests, parameters …
Hi everybody, this time, same treatment, I don’t think it deserves its own article so I just don’t categorize it, however it is a pentesting article. I had to test an application using Apache Tapestry today, which is a Java Web Framework, similar to Faces or Wicket. URLencoding The most obvious thing once you test …
Hi, today I’ll do a quick article that’s primarily about security, but I won’t put it in the pentest category since I didn’t develop a solution to the question yet. The need for a pseudo-tty Why should we need a pseudo-tty? During a pentest, there are a lot of cases where you would need …
Hi everybody, today I’ll talk about Express, which is a NodeJS framework used to create web applications and how to abuse it to exploit a directory traversal on some implementations. Directory traversal You probably already know what a directory traversal is, but in short, it is based on the ability to use “../”, which …
Hi, today I’ll write a quick article on how to tunnel a Linux server through a bounce you don’t want to give access to easily. The steps are pretty easy to do: Creating a virtual machine The virtual machine will act as the server the victim will connect to. Because we don’t want to give an …