Select Page

Reverse Engineer Router Firmware – Part 1

This series will follow the process of reverse engineering router firmware with the purpose of discovering any vulnerabilities that could be used either remotely or locally to compromise the router. In this section I will mainly be covering how to extract/download the...

Stacked based MSSQL blind injection bypass methodology

If you have a blind SQL injection you are already in a good position. Exploitation however, depending on the type of the blind SQL injection, can take time. This post is part of a methodology used for obtaining output from a stacked based blind SQL injection....

FortiOS Remote Access Web Portal – XSS Vulnerability

Overview: Fortinet delivers a comprehensive portfolio of security gateways and complementary products. FortiGate platforms integrate the FortiOSâ„¢ operating system with FortiASICâ„¢ processors and the latest-generation CPUs to provide comprehensive, high-performance...

CVE-2011-3368 PoC – Apache Proxy Scanner

A recent Apache vulnerability has been made public whereby an attacker could gain unauthorised access to content in the DMZ network: The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly...