Published in InfoSec Write-ups
DLL hijacking in TOTOLINK A600UB Driver Installer | CVE-2024-51141
Introduction
Oct 27, 2024

Published in InfoSec Write-ups
Chamilo LMS — Authentication Bypass and Cross-Site Scripting Stored
Vulnerabilities in Chamilo LMS
Oct 27, 2024

Published in InfoSec Write-ups
Chamilo LMS 1.11.14: Analysis of Two Blind SQL Injection Vulnerabilities
What is Chamilo LMS?
Aug 28, 2024

Published in InfoSec Write-ups
BFS Ekoparty 2022 Exploitation Challenges
Hello and welcome to all readers.
Jan 26, 2024

Malware Analysis — citacionpoderjudicl.msi (Mekotio)
Brazilian malware that affects Chile and other countries
Jan 2, 2024

Published in InfoSec Write-ups
The truth behind the 3rd argument for exploiting the Webexservice
Reading the informative article by researchers @iagox86 and @jeffmcjunkin…
Feb 10, 2023

Published in InfoSec Write-ups
Debugging a Windows Service in User-Mode
Recently, I had the opportunity to get acquainted with an interesting post about a vulnerability in the WebEx client, found at…
Feb 7, 2023

Published in InfoSec Write-ups
High Level Analysis of Custom Browsers
Hello and welcome to all readers.
Feb 2, 2023

Published in InfoSec Write-ups
Router NR1800X — Command injection via setUssd
Hi and welcome to all readers of this post.
Nov 10, 2022

D-Link DIR-859 — RCE Unauthenticated (CVE-2019-20216 — CVE-2019-20217) [EN]
Researchers
Jan 28, 2020

D-Link DIR-859 — UnAuthenticated RCE in ssdpcgi HTTP_ST (CVE-2019-20215) [EN]
Researchers
Jan 3, 2020

Hackaton Telefonica 2019 — Box Bofetada
The first thing we find is a web service on port 80, where we have a menu with Servicios, Clientes, Intranet and Contactos.
Jul 30, 2019

Reversing Virtual VCR Max for a Stack Buffer Overflow bug
Looking at a random post on (ExploitDB) about a Denial of Service vulnerability in the Virtual VCR Max binary, where the use…
Feb 25, 2019

Micro Focus — Solutions Business Manager with (CVE-2019-3477)
This will be a short post in which I will explain something very trivial that can be found in many web platforms and systems, such as the…
Jan 4, 2019

RealFlex RealWin Server [SCADA] Reverse and Exploit
First of all, this vulnerability is already a couple of years old; to be exact, it is from 2010, its CVE being CVE-2010-4142. My goal is to rewrite the…
Oct 17, 2018

NICO-FTP 3.0.1.19 — Buffer Overflow SEH with Bypass ASLR
A brief description of the binary. Well, this program is a client for the FTP service which has the same features as…
Oct 4, 2018