During an assignment, I found several serious vulnerabilities in phpMyAdmin, which is an application massively used to manage MariaDB and MySQL databases. One of them potentially leads to arbitrary code execution by exploiting a Local file inclusion, while the other is a CSRF allowing any table entry to be edited.
Continue reading PHPMyAdmin multiple vulnerabilitiesYear: 2018
Remote Code Execution on a Facebook server
I regularly search for vulnerabilities on big services that allow it and have a Bug Bounty program. Here is my first paper which covers a vulnerability I discovered on one of Facebook’s servers.
While scanning an IP range that belongs to Facebook (199.201.65.0/24), I found a Sentry service hosted on 199.201.65.36, with the hostname sentryagreements.thefacebook.com. Sentry is a log collection web application, written in Python with the Django framework.
Continue reading Remote Code Execution on a Facebook serverInsomni’hack 2018 – vba03-strikeBack writeup
Here is a write-up for the challenge “vba03-strikeBack”, since none was posted yet on CTFtime.
All the source code for the malware and cookie logger are available on GitHub.
Continue reading Insomni’hack 2018 – vba03-strikeBack writeup