RCE Security

RCE Security

Reverse Engineering sometimes results in Remote Code Execution

Menu

  • Vulnerabilities
  • References
  • Disclosure Policy
  • About:Me
  • Imprint/Data Protection Policy

Author: MrTuxracer

H1-3120: MVH! (H1 Event Guide for Newbies)

H1-3120: MVH! (H1 Event Guide for Newbies)

Here’s another late post about my coolest bug bounty achievement so far! In May I’ve participated in HackerOne’s H1-3120 in the beautiful city of Amsterdam with the goal to break some Dropbox stuff. It was a really tough target, but

MrTuxracer June 29, 2018June 30, 2018 Bug Bounties No Comments Read more

H1-415: Hacking My Way Into the Top 4 of the Day

H1-415: Hacking My Way Into the Top 4 of the Day

I’ve always wanted to visit San Francisco! So I was really happy about an email from HackerOne inviting me to this beautiful city in April. But they did not cover all the costs for my international flights and the hotel

MrTuxracer May 3, 2018May 8, 2018 Bug Bounties 1 Comment Read more

h1-212 CTF: Breaking the Teapot!

h1-212 CTF: Breaking the Teapot!

With the h1-212 CTF, HackerOne offered a really cool chance to win a visit to New York City to hack on some exclusive targets in a top secret location. To be honest, I’m not a CTF guy at all, but

MrTuxracer November 22, 2017November 22, 2017 CTFs No Comments Read more

CVE-2017-14955: Win a Race Against Check_mk to Dump All Your Login Data

CVE-2017-14955: Win a Race Against Check_mk to Dump All Your Login Data

The authors of check_mk have fixed a quite interesting vulnerability, which I have recently reported to them, called CVE-2017-14955 (sorry no fancy name here) affecting the oldstable version 1.2.8p25 and below of both check_mk and check_mk Enterprise. It’s basically about a

MrTuxracer October 18, 2017October 18, 2017 Vulnerabilities No Comments Read more

CVE-2017-14956: AlienVault USM Leaks Sensitive Compliance Information via CSRF

CVE-2017-14956: AlienVault USM Leaks Sensitive Compliance Information via CSRF

I usually try to avoid blogging about Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities, just because they are basically everywhere – except if they can be used to achieve something cool 😉 In this specific case I have found a

MrTuxracer October 13, 2017October 17, 2017 Exploits, Vulnerabilities 2 Comments Read more

Upgrade from LFI to RCE via PHP Sessions

Upgrade from LFI to RCE via PHP Sessions

I recently came across an interesting Local File Inclusion vulnerability in a private bug bounty program which I was able to upgrade to a Remote Code Execution. The interesting fact about this and what makes it different is that the

MrTuxracer August 28, 2017January 24, 2018 Bug Bounties, RCE 2 Comments Read more

Ok Google, Give Me All Your Internal DNS Information!

Ok Google, Give Me All Your Internal DNS Information!

In late January, I have found and reported a Server-Side Request Forgery (SSRF) vulnerability on toolbox.googleapps.com to Google’s VRP, which could be used to discover and query internal Google DNS servers to extract all kinds of corporate information like used internal IP addresses

MrTuxracer March 1, 2017March 1, 2017 Bug Bounties 7 Comments Read more

RCESEC-2016-012: Mattermost <= 3.5.1 Error Page Cross-Site Scripting / Content Injection

RCESEC-2016-012: Mattermost <= 3.5.1 Error Page Cross-Site Scripting / Content Injection

I’m quite busy with bug bounties lately, but sometimes I still discover stuff, which might also be interesting for the rest of you ;-). So here’s quick writeup about a quite interesting vulnerability in the open source Slack-alternative Mattermost, which I have found in December

MrTuxracer January 23, 2017 Vulnerabilities No Comments Read more

HamburgSides 2016: Magic Superpowers!

HamburgSides 2016: Magic Superpowers!

The year 2016 comes to an end quickly and so it was time for another Sides conference. This year’s HamburgSides, formerly known as BSidesHH, was held in the Bucerius Law School in Hamburg next to the 33C3. I’ve been supporting

MrTuxracer December 31, 2016December 31, 2016 Conferences No Comments Read more

44CON London 2016: When Hackers Meet a Corgi!

44CON London 2016: When Hackers Meet a Corgi!

Have you ever been to 44CON in London? In case you haven’t, you need to go there in 2017! To be honest it was my first time attending, but it took just one 44CON for me to become excited and that not only because of

MrTuxracer September 20, 2016 Playground No Comments Read more
  • « Previous

Categories

  • Bug Bounties
  • Certifications
  • Conferences
  • CTFs
  • Exploits
  • Papers
  • Playground
  • RCE
  • Reversing
  • Security News
  • Site News
  • SLAE
  • Tutorials
  • Vulnerabilities

Tags

0-day 0day advisory assembly BSidesHH buffer overflow bug bounty bypass csrf CVE-2014-2206 eip esp exam exploit hacking hackme IDA ignorance inshell LFI linux local Metasploit nmap Off-Topic PoC privileges escalation python RCE remote reporting ret ROP SafeSEH shellcode SLAE SQLi sqlmap SSRF stack surveillance trunk vlan WinALL XSS

Archives

  • June 2018
  • May 2018
  • November 2017
  • October 2017
  • August 2017
  • March 2017
  • January 2017
  • December 2016
  • September 2016
  • June 2016
  • April 2016
  • February 2016
  • December 2015
  • September 2015
  • August 2015
  • July 2015
  • January 2015
  • December 2014
  • November 2014
  • August 2014
  • July 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • December 2011
  • November 2011

Follow Me

Copyright © 2019 RCE Security. Powered by WordPress. Theme: Spacious by ThemeGrill.