SLAE32 #1Bind TCP shell

Commenti

Posta un commento

Post popolari in questo blog

From SAST to CVE-2025-46337

Immagine
 From SAST to CVE-2025-46337 From the start of my career in cybersecurity, I have always worked as a black box pentester. Since I believe that learning new topics is always a good use of my time and that I should increase my knowledge of white box pen testing, I decided to explore the Static Analysis Security Testing (SAST) topic. I started my journey into SAST using the well-known tool SonarQube. To practice with the tool and to become familiar with the GUI and the mechanisms that are behind it, I decided to analyze the code of a few known projects. I chose two projects to analyze. The first one is "Moodle", a very well-known open-source project whose main purpose is to create websites for universities. The second is VtigerCRM, a familiar project on which I discovered several CVEs last summer. I started the SAST first against the source code of Moodle and then against the source code of VtigerCRM. Surprisingly, SonarQube found an SQL Injection on both projects! Since the sou...
Continua a leggere

CVE-2025-45878,CVE-2025-45879 and CVE-2025-45880 Showcase

CVE-2025-45878,CVE-2025-45879 and CVE-2025-45880 Showcase This blog post is written to showcase the three CVEs I discovered in the web application Amigdala 2.2.6 by Miliaris. For this time, I'll stick with the Mitre Template, and I will avoid releasing any sensitive information. CVE-2025-45878 ( Mitre ) ( NVD ) [Suggested description] A reflected cross-site scripting (XSS) vulnerability in the report manager function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload.
Continua a leggere

Case of Study : Hide PowerUp.ps1 from MS Defender

Immagine
Hide PowerUp.ps1 from MS Defender PowerUp.ps1 is a well-known script among pentesters for escalating local privileges. However, since it is fairly old and quite popular, Microsoft Defender detects it as malicious. To use it, we need to either create a custom version of the script or obfuscate the one available online. In this guide, we will use a minimal obfuscation approach. By making small changes to the script, we can bypass Microsoft Defender’s detection and use the script without any issues. What We need A Windows VM with the AV Signatures Updated The PowerUp.ps1 Script ( here ) The Tool DefenderCheck made by matterpreter ( here ) Notepad Let's Start The first step is to disable Microsoft Defender temporarily so we can download the PowerUp.ps1 script without interference. After disabling Windows Defender, go to the GitHub page that contains the raw version of PowerUp.ps1. Copy the content and save it in Notepad with a .ps1 extension. Once you have downloaded both the PowerUp ...
Continua a leggere