Select Page

Cisco config retrieval tool and password reuse

The other day we were at a client site doing a penetration test. This was a very big deployment with almost 100 routers. At some point during the test we managed to get the read/write community string of one of the routers, as there was a script with the hard-coded...

WordPress SQL column truncation vulnerability

This vulnerability has been published some days ago where an attacker could create a duplicated “admin” user and recover the legitimate “admin” password. SQL column truncation is an attacking technique whereby an attacker take advance of some...