by Julien Ahrens | Monday, June 30, 2025 | Uncategorized
While performing a penetration test for one of our Continuous Penetration Testing customers, we’ve found a Wing FTP server instance that allowed anonymous connections. It was almost the only interesting thing exposed, but we still wanted to get a foothold into...
by Julien Ahrens | Saturday, April 21, 2012 | Uncategorized
Just a short notice as an addendum to IA2: A new version (1.6) of the “Free WMA MP3 Converter” by eusing.com has been released which is still vulnerable to the same issue like all versions before. The interesting part here ? Well I’ve noticed the...
by Julien Ahrens | Friday, March 9, 2012 | Uncategorized
Hello readers, I recently found a local buffer overflow vulnerability in Pitrinec Macro Toolworks v7.5.0, which is very easy to exploit at all. For demonstration purposes I will show you one possible way of getting your own shellcode to run using this overflow. There...
by Julien Ahrens | Tuesday, February 21, 2012 | Uncategorized
About an old, but useful application and just to prove it’s there: #!/usr/bin/python # Exploit Title: DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC # Version: 1.5.1 # Date: 2012-02-21 # Author: Julien Ahrens # Homepage: https://www.rcesecurity.com #...
by Julien Ahrens | Saturday, January 21, 2012 | Uncategorized
I’ve found a local stack buffer overflow vulnerability in “Free WMA MP3 Converter” version 1.5 which could lead to a remote shell when using the proper shellcode. This exploit is slightly different compared to the others out there: It’s for the...
by Julien Ahrens | Sunday, January 8, 2012 | Uncategorized
Here’s my first realapplication vulnerability :-). Since this is only a small bug with nobigger impact its severity is therefor considered as “low”. [IA1] GPSMapEdit v1.1.73.2 (.lst) Local Denial of Service Vulnerability Details =============...