My blog post "Pre-Auth RCE with CodeQL in Under 20 Minutes"

https://frycos.github.io/vulns4free/2022/12/02/rce-in-20-minutes.html

Pre-Auth RCE with CodeQL in Under 20 Minutes

This write-up won’t be an intense discussion on security code review techniques this time. We’ll simply let a third party do all the hard work: CodeQL.

Frycos Security Diary
@frycos I used this technique in anger recently with ILSpy decompiled dot net that was gently persuaded to rebuild. CodeQL FTW