quarkslab

@quarkslab@infosec.exchange
Website: https://quarkslab.com
Location: Paris, France

Attention ✨WomenAtSSTIC✨
We meet at 18:00 today at L'Equinoxe:
3 Place des Lices, 35000 Rennes

See you there!
#sstic2025

Are you a cyber professional, or a future one, coming to #sstic2025 in Rennes next week?

Come to ✨ WomenATsstic✨ , an informal and unofficial friendly meetup on Wednesday, June 4th at 6 pm

We are looking to reserve a bar/café near the Halle Martenot and it would be easier if we knew how many participants there will be.

Register here:
https://framadate.org/hH2t9FcRtgEGmTWq


Good morning Singapore!

The amazing Off by One conference (@offbyoneconf) starts today.
If you are attending, don't miss @fredraynal's (our fearless CEO) keynote at 9:35am:

"Spyware for rent & the world of offensive cyber"

The full agenda is available here:
https://offbyone.sg/agenda

Off-by-One Conference 2025

Off-by-One Conference is a cybersecurity conference where like-minded professionals gather and exchange technical insights while gaining knowledge from one another. As the offensive security landscape continues to evolve, the Conference will also serve as a community to nurture and showcase new and uprising local and regional researchers.

Quarkslab was glad to sponsor the Real World Cryptography Paris Meetup 4 hosted by @Ledger last night.
Julio Loayza Meneses talked about crypto-condor, our open source tool to test cryptography implementations.
You can learn more about it here:
https://quarkslab.github.io/crypto-condor/latest/index.html
crypto-condor 2025.04.28 documentation

Look at those cute little blobs in your internal network. They look harmless, but how about the one carrying SOCKS? It's ProxyBlob, a reverse proxy over Azure.

Check out @_atsika's article on how it came to exist after an assumed breach mission ⤵️

👉 https://blog.quarkslab.com/proxyblobing-into-your-network.html

ProxyBlobing into your network - Quarkslab's blog

During an assumed breach ops via a virtual desktop interface, we discovered a wildcard allow firewall rule for the Azure Blob Storage service. We proved that even with restrictions in place, it was still possible to reach the Internet. Afterwards, we thought of abusing this firewall misconfiguration (recommended by Microsoft) in a much more useful way. To demonstrate that I built a SOCKS5 proxy that uses blobs to tunnel traffic to the target's internal network.

While casually reading Moodle's code, @coiffeur0x90 found an SSRF bug exploitable by any authenticated user.
Fun twist? This vuln matches exactly the example @orange_8361 presented at Black Hat 2017.
Real life imitates conference slides 😅
Details here:
https://blog.quarkslab.com/auditing-moodles-core-hunting-for-logical-bugs.html
Auditing Moodle's core hunting for logical bugs

The following article explains how, during an audit, we examined Moodle (v4.4.3) and found ways of bypassing all the restrictions preventing SSRF vulnerabilities from being exploited.


We are so excited to announce the publication of our audit of PHP core! This work was a collaboration between our organization, @thephpf and @quarkslab with funding provided by the @sovtechfund.

For the report, high points, and further links see our blog at https://ostif.org/php-audit-complete/

PHP Audit Complete! – OSTIF.org

We are pleased to announce the completion of the security audit of PHP core!
Executed by @quarkslab in partnership with @ostifofficial and commissioned by the @sovtechfund.

Learn more: https://thephp.foundation/blog/2025/04/10/php-core-security-audit-results/

PHP Core Security Audit Results


Quarkslab audited PHP-SRC, the open source interpreter of PHP.

The security audit, sponsored by @ostifofficial with funding from @sovtechfund, aimed at strengthening the project's security ahead of the then upcoming PHP 8.4 release.

Here is what we found:
https://blog.quarkslab.com/security-audit-of-php-src.html

Security audit of PHP-SRC

The Open Source Technology Improvement Fund, Inc, thanks to funding provided by Sovereign Tech Fund, engaged with Quarkslab to perform a security audit of PHP-SRC, the interpreter of the PHP language.
