From XSS to RCE

About 3 days ago, I was recursively bruteforcing subdomains for a domain and I stumbled upon a domain that hosted an admin panel. I guess it was my lucky day because it didn’t require any authentication. It was a web interface to monitor and control some sort of industrial machines. They might have thought that it’s well hidden and it needs to be accessed a million times a day by every other employee so they kept it open to keep off the hassle.

I thought I hit the jackpot but then I realised I could just monitor the systems; I needed credentials to make the machines do anything.

Mass Cracking Cybrary Accounts

TL;DR: Cybrary leaks usernames from multiple endpoints, has no restrictions on password strength, and has XML-RPC enabled, which makes it a good target for password spray attacks.

21 things you can do with XSS

Simply put, XSS is an underrated vulnerability. Well, there are a couple of good reasons:

  • It’s a client side vulnerability
  • White hats just need that popup for POC (most of the time)
  • Most of the black hats don’t know enough JS to make money out of XSS
CORS, SOP & crossdomain.xml For Dummies

Things were really simple when webpages were static. Write some text, add images, add links and serve it to your users.
Then JavaScript came into existence and it made webpages dynamic.

Learn SQL for SQL Injection in 10 minutes

Hi there! This article is focused on what's important and I hope you have read my introductory article about SQL and SQL injection. So let's go!

As we know, data is stored in databases. A server can have many databases. Databases contain tables and tables contain data in the form of rows and columns.
