Damn Vulnerable Bash Web Server
This won't be a long blog post, just a little pointer to an A/D CTF challenge that I created last year: A damn vulnerable web framework written
Just another security blog
Files on web servers Part I: History Files
In part I of the blog series, we will go over some "history" files that are commonly found on web servers. What are history files? Most interactive commandline
Pwning your (web)server and network the easy way - or why exposing ~/.ssh/ is a bad idea
Last year I did some research on how an exposed ~/.ssh/ folder on a web server can lead to a complete pwnage. Here's the deal: * I've
InfiniteWP Client < 1.9.4.5 - Authentication Bypass
I was browsing wpvulndb.com when I stumbled upon the InfiniteWP Client authentication bypass. Being curios, I wanted to reverse engineer the unpublished PoC. Here's my (short) journey.
X-MAS CTF: Roboworld
This is my quick & dirty write up for the X-MAS CTF Roboworld challenge. The description is as follows: A friend of mine told me about this website where I