Mastodawn

Over the past couple years, I have come to know the #dotnet platform pretty well, from a developer's and a #reversing standpoint.

I can’t always say the same the #infosec community.

Today, I decided to rant a little (or maybe a lot 🙃)

👉 https://blog.washi.dev/posts/misconceptions-about-dotnet/

Markus Wulftange Jan 23

CODE WHITE GmbH Jan 23

You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 https://code-white.com/blog/2026-01-nsm-rce/

CODE WHITE | Unauthenticated RCE in NetSupport Manager - A Technical Deep Dive

NetSupport Manager is a remote control and support software that we find surprisingly often utilized in sensitive *Operational Technology (OT)* environments, such as production plant networks. Besides describing two 0-day vulnerabilities that we found in the client component of the software, we also walk you through an exploit odyssey to finally gain unauthenticated Remote Code Execution.

Markus Wulftange Nov 15

frycos Nov 15

Just sayin‘ 🤷

Markus Wulftange Oct 29

CODE WHITE GmbH Oct 29

Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange who loves converting n-days to 0-days https://code-white.com/blog/wsus-cve-2025-59287-analysis/

CODE WHITE | A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS

How the n-day research for a suspected vulnerability in Microsoft WSUS (CVE-2025-59287) led to the surprising discovery of a new `SoapFormatter` vulnerability added by the Patch Tuesday updates of October 2025.

Markus Wulftange Sep 15, 2025

CODE WHITE GmbH Sep 15, 2025

CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at https://apply-if-you-can.com/ packaged as a metal festival. Have fun 🤘 and #applyIfYouCan

Markus Wulftange Sep 5, 2025

CODE WHITE GmbH Sep 5, 2025

Ten days left. The warm-up fades. Maultaschen were soft. Bean Beats were dark and burnt. But the beats of #ULMageddon will be brutal! #applyIfYouCan

Markus Wulftange Aug 28, 2025

CODE WHITE GmbH Aug 28, 2025

We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at https://2025.faustctf.net/

FAUST CTF 2025 | FAUST CTF 2025

FAUST CTF 2025 is an online attack-defense CTF competition run by FAUST, the CTF team of Friedrich-Alexander University Erlangen-Nürnberg

FAUST CTF 2025

Markus Wulftange Aug 5, 2025

CODE WHITE GmbH Aug 5, 2025

We've added a new demo to NewRemotingTricks that makes deploying a MarshalByRefObject (e.g., WebClient) even easier: System.Lazy<T> creates an instance of T on serialization, which is probably more likely to be allowed than a XAML gadget getting through. https://github.com/codewhitesec/NewRemotingTricks

GitHub - codewhitesec/NewRemotingTricks: New exploitation tricks for hardened .NET Remoting servers

New exploitation tricks for hardened .NET Remoting servers - codewhitesec/NewRemotingTricks

GitHub

Markus Wulftange Jul 14, 2025

CODE WHITE GmbH Jul 14, 2025

We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 + CVE-2025-49704 used by @_l0gg to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange

Markus Wulftange Mar 28, 2025

I'm getting confused keeping count of them, but we're almost at the double-digit mark! 😅
From: @codewhitesec
https://infosec.exchange/@codewhitesec/114241026482611250

CODE WHITE GmbH (@[email protected])

Our crew members @mwulftange & @frycos discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam's blacklist for CVE-2024-40711 & CVE-2025-23120 as well as further entry points following @SinSinology & @chudypb 's blog. Don’t blacklist - replace BinaryFormatter.

Infosec Exchange