I'm happy to share the attribution of my first #CVE!
Authenticated Static Code Injections in #OpenCart (CVE-2023-47444)
You can find the details and PoCs about the two vulnerabilities on my blog:
https://0xbro.red/disclosures/disclosed-vulnerabilities/opencart-cve-2023-47444/
Static Code Injections in OpenCart (CVE-2023-47444)
In OpenCart versions 4.0.0.0 to 4.0.2.3, authenticated backend users having common/security access and modify privileges can write arbitrary untrusted data inside config.php and admin/config.php, resulting in remote code execution on the underlying server.
Easy-peasy #android emulator setup without using Genymotion or Android Studio + installation of custom certificates inside the system #certificate store of an Android 10 device.
https://youtu.be/v-p1dTWmWDY
#mobilehacking #androidhacking #androidstudio #androidemulator
How to set up an Android Penetration Testing Lab from scratch (AVD without Android Studio)
Waffle-y Order is a medium-difficulty Web challenge from #HackTheBox, involving the exploitation of parser differential vulnerabilities to bypass a regex-based #WAF and chain a PHP arbitrary #deserialization with a blind #XXE to read arbitrary files and, finally, exfiltrate data.
Read the writeup here:
https://maoutis.github.io/writeups/Web%20Hacking/WAFfle-y_Order/
See the video here:
https://youtu.be/IESwry_l-UU
#hacking #wafbypass #applicationsecurity #writeup
WAF bypass and vulnerability chain exploiting parser differentials
12 Apr 2023 | Reading time: ~15 min WAF bypass and vulnerability chain exploiting parser differentials WAFfle-y Order - hackthebox #oast #xxe-injection #evasion #parsers-differential #php-deserialization #exploit-chain #waf-bypass
