Blog Logo
Sebastian Neef - 0day.work

  • Home
  • Contact
  • @0daywork
  • @gehaxelt
  • Impressum
  • Datenschutz

Measuring a Tor Hidden Service's idle Traffic

19 November 2020  research

A month ago, I wondered myself how much traffic an idle hidden service would consume just to keep the necessary circuits open. To answer this question, I set up a

Credentials hiding in plain sight or how I pwned your http auth

05 July 2020  research

In this blog post I will go over the little research project I did about http authentication credentials hiding in plain sight. Idea A few month ago, I was thinking

Files on web servers Part I: History Files

20 January 2020  research

In part I of the blog series, we will go over some "history" files that are commonly found on web servers. What are history files? Most interactive commandline

Pwning your (web)server and network the easy way - or why exposing ~/.ssh/ is a bad idea

16 January 2020  research

Last year I did some research on how an exposed ~/.ssh/ folder on a web server can lead to a complete pwnage. Here's the deal: I've seen it in the

Open Redirects In Improperly Configured mod_rewrite Rules (PoC for CVE-2019-10098?)

29 October 2019  cve, writeups, research

I recently came across the following Apache vulnerability: "mod_rewrite potential open redirect (CVE-2019-10098)", but I couldn't find a proof of concept, so I started playing around with

Page 1 of 3 Older Posts →
© 2023 Sebastian Neef - 0day.work All rights reserved.

Coder Ghost Theme created by Milos Bejda
Proudly published with Ghost