Hack The Box – Curling Write-up By Nikhil Sahoo
Introduction So Finally back with a new blog. Today we will go through the walkthrough of the Hack the Box machine Curling which retired very recently. It was actually a fun box and the...
Category: Infosec
LibSSH authentication bypass: CVE-2018-10933
Introduction So in this blog, we will be learning about the details regarding the LibSSH authentication bypass: CVE-2018-10933 along with a demo on how to exploit it. This Vulnerability was identified by Peter Winter and was released...
Exploiting Remote Code Execution in Apache Struts2 (CVE-2017-9805)
Introduction So Apache Struts is a very popular open source web application framework that is used to develop Java-based web applications. On September 05, 2017, a very deadly remote code execution was identified in...
Hacking Windows Server using EternalBlue Exploit
Introduction EternalBlue is nothing but an exploit that was actually developed and used by the National Security Agency (NSA). But this was somehow leaked by the hacker group named the Shadow Brokers in April 2017...
Web Application Security Part – I
Introduction: There are so awesome web developers with new idea’s, new initiatives and startups. They sometimes fail what they claim. They claim that the security is in place and the files and have pretty...
Road to Dell Security Acknowledgement Page
Hi folks, Last time in Proof of Concepts I wrote about how I found some Cross Site Scripting Vulnerabilities in a CMS which led to CVEs.So in this article, I’ll be sharing another POC...
Things you must know before diving into information security
Ever thought of starting your career in the security field?? Or Let’s say you want to attend a workshop or a meetup or an information security event then I recommend that you must...
Mirai Botnet: The malware that led to one of the largest DDOS attacks
Mirai Botnet: A brief on one of the largest DDOS attacks in the history of Internet Mirai Botnet came into light in October 2016 when it was responsible for a DDOS attack that took...
Proof Of Concept-Walktrough for CVE-2018-11472 and CVE-2018-11473
This article is about the XSS vulnerabilities that I had found out on Monstra CMS 3.0.4. The bugs had medium impact and were quite easy to find and reproduce as well. Now coming...
Introduction to Security 101
In our modern world where mostly everything is networked in some way or the other, security has become a major worldwide concern and needs to be addressed as soon as possible. With the...