Skip to content
/dev/random

/dev/random

"If the enemy leaves a door open, you must rush in." – Sun Tzu

  • About Me
    • About Me
    • Online Presentations
    • PGP Public Key
  • Disclaimer
  • Tools
    • alerts2afterglow
    • hoover
    • inotes.py
    • known_hosts_bruteforcer
    • pastemon
    • oplb
    • ossec_dashboard
    • ossec2dshield
    • twittermon
    • rrhunter
    • syslog2loggly

Tag: Black Hat

Developers Are (still) From Mars, Infosec People (still) From Venus

November 17, 2015 People / Places, Security 2 comments

In March 2011, Brian Honan contributed to an issue of the INSECURE magazine with an article called “Management are from Mars, information security professional are from Venus“. This title comes from the John Gray’s worldwide bestseller where he presents the relations between men and women. Still today, we can reuse this subject

Continue reading »

Stay in Touch

RSS Twitter LinkedIn

Upcoming Events

Here is a list of events that I will attend and cover via Twitter and wrap-ups. Ping me if you want to meet! The list is regularly updated.

BruCON 0x0B
Botconf
SANS London 2019

Recent Articles

  • BotConf 2019 Wrap-Up Day #1
  • DeepSec 2019 Wrap-Up Day #2
  • DeepSec 2019 Wrap-Up Day #1
  • [SANS ISC] My Little DoH Setup
  • [SANS ISC] Abusing Web Filters Misconfiguration for Reconnaissance

Popular Articles

  • Show me your SSID's, I'll Tell Who You Are! 37,190 views
  • Keep an Eye on SSH Forwarding! 35,309 views
  • Sending Windows Event Logs to Logstash 29,184 views
  • Socat, Another Network Swiss Army Knife 25,524 views
  • Check Point Firewall Logs and Logstash (ELK) Integration 25,392 views
  • Forensics: Reconstructing Data from Pcap Files 21,517 views
  • dns2tcp: How to bypass firewalls or captive portals? 20,534 views
  • Vulnerability Scanner within Nmap 18,565 views
  • Post-BruCON Experience - Running a Wall of Sheep in the Wild 17,057 views
  • Bash: History to Syslog 14,911 views

Recent Tweets

  • The ‘PortReuse’ backdoor works like a good old port-knocking technique: waits for a magic packet to execute an action #WINNTI #BotConf2019

    24 minutes ago

  • Interesting… 1st stage exfiltrates the Volume ID of C: drive -> Used to encrypt the final stage that will be decryp… twitter.com/i/web/status/12026…

    31 minutes ago

  • #PhpMyAdmin should be banned from the Internet! At least, don’t put it live on the wild Internet… #BotConf2019

    About an hour ago

  • We ️ webshells! #BotConf2019

    About an hour ago

  • “Due to the strike, our lunch sponsor could not make it. Techies are present but commercial guys not” “No worries” ;-) #BotConf2019

    About 2 hours ago

Time Machine

RSS NVD Vulnerabilities Feed

  • CVE-2019-5110 (formalms) December 3, 2019
    Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system.
  • CVE-2019-5111 (formalms) December 3, 2019
    Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filter_cat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the […]
  • CVE-2019-5112 (formalms) December 3, 2019
    Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filter_status was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the […]
  • CVE-2019-5109 (formalms) December 3, 2019
    Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system.
  • CVE-2012-4525 (piwigo) December 2, 2019
    piwigo has XSS in password.php
  • CVE-2012-4526 (piwigo) December 2, 2019
    piwigo has XSS in password.php (incomplete fix for CVE-2012-4525)
  • CVE-2019-19016 (webtitan) December 2, 2019
    An issue was discovered in TitanHQ WebTitan before 5.18. Some functions, such as /history-x.php, of the administration interface are vulnerable to SQL Injection through the results parameter. This could be used by an attacker to extract sensitive information from the appliance database.
  • CVE-2019-19491 (testlink) December 2, 2019
    TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request.
Copyright Xavier Mertens © 2003-2019 | Powered by Xavier Mertens Consulting.
This website uses cookies to improve your experience. By using our services, you agree to our use of cookies. Accept Learn more
Privacy & Cookies Policy

Necessary Always Enabled