Outer Web | Explore

Explore >> Select a destination

You are here		chovid99.github.io KalmarCTF 2024 - Chovid99's Blog
\|	\|	www.ambionics.io Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 2)	6.3 parsecs away Travel
\|	\|	In this blog post, we will explore a new way of exploiting the vulnerability on PHP, using direct calls to iconv(), and illustrate the vulnerability by targeting Roundcube, a popular PHP webmail.	6.3 parsecs away Travel
\|	\|	roundofthree.github.io Exploitation of AIxCC Nginx bugs: Part I \| RoundofThree	6.3 parsecs away Travel
\|	\|	This blog post will analyse the exploitability of the temporal safety vulnerabilities in Nginx AIxCC. AIxCC is a DARPA competition to find vulnerabilities in codebases using AI. The competitors are not looking for 0-days but rather intentionally added vulnerabilities in existing codebases. One of them was Nginx in the semifinals, which already took place. In this blog post, I will have a different focus on whether these added vulnerabilities can be exploited to achieve more than just crashes.	6.3 parsecs away Travel
\|	\|	blog.bricked.tech RaRCTF 2021 - Return of EmojiDB \| bricked.tech	4.6 parsecs away Travel
\|	\|	A nice intro to heap challenges, featuring tchache and the unsortedbin.	4.6 parsecs away Travel
\|	\|	pentestlab.blog Group Policy Preferences - Penetration Testing Lab	28.4 parsecs away Travel
\|		Group policy preferences allows domain admins to create and deploy across the domainlocal users and local administrators accounts. This feature was introduced in Windows 2008 Server however it can be abused by an attacker since the credentials of theseaccounts are stored encrypted and the public key is published by Microsoft.This leaves the door open to...	28.4 parsecs away Travel