Hey, so I’ve been doing some follow-up research on the vulnerability I found in Smarty and I’ll be doing a quick post on what I found, with the conditions needed to trigger it. Version affected So I’m not finished with the testing obviously but there were some weird things, such as the fact that …
Hi everyone, I’m writing a quick article to speak about the Insomnihack 2018, which is a security conference held in Geneva, I went there to participate in the Capture the Flag event, or CTF. What is a CTF? A capture the flag event is a security event where information security enthusiasts gather to solve …
This is a continuation of my precedent article concerning PhantomJS. As I said, my end goal is to create a JavaScript deobfuscator tool using PhantomJS (for scalability purposes). After checking the PhantomJS binary and help, it doesn’t seem like there is a debugging function used to print the different called arguments or any way I …
Hey. Today I’ll get back to my roots and talk about information technology or more specifically computer security. I wanted to get started to PhantomJS because I wanted a way to deobfuscate easily a JavaScript file since my only way to doing that is either doing it manually (with jsbeautifier + manual/replacing eval to console.log) …