Blog Archive 2021 the fanciful allure and utility of syscalls May 12 2021 On Exploiting CVE-2021-1648 (splwow64 LPE) Mar 10 2021 2020 Digging the Adobe Sandbox - IPC Internals Aug 07 2020 2019 Exploiting Leaked Process and Thread Handles Aug 22 2019 Code Execution via Fiber Local Storage Aug 12 2019 2018 Dell Digital Delivery - CVE-2018-11072 - Local Privilege Escalation Aug 22 2018 Dell SupportAssist Driver - Local Privilege Escalation May 17 2018 2017 Abusing delay load DLLs for remote code injection Sep 19 2017 Abusing Token Privileges for EoP Sep 01 2017 2015 ntpdc local buffer overflow Jan 06 2015 2014 railo security - part four - pre-auth remote code execution Aug 27 2014 railo security - part three - pre-authentication LFI Aug 23 2014 railo security - part two - post-authentication rce Jul 24 2014 gitlist - commit to rce Jun 29 2014 railo security - part one - intro Jun 25 2014 rce in browser exploitation framework (BeEF) May 13 2014 LFI to shell in Coldfusion 6-10 Apr 02 2014 IBM Tealeaf CX (v8 Release 8) Remote OS Command Injection / LFI Mar 26 2014 meterpreter shell upgrades using powershell Mar 10 2014 introduction Mar 02 2014 ganib project management 2.3 SQLi Feb 24 2014 Fetching JBoss MBean method hashes Jan 26 2014 2013 Dolibarr 3.4.0 - Multiple Vulnerabilities Oct 14 2013 OpenEMM-2013 SOAP SQLi/Stored XSS Jul 28 2013 solving RA1NXing Bots Jul 10 2013 introducing zarp Jul 02 2013 Collabtive 1.0 - SQLi Jun 21 2013 Asus RT56U Remote Command Injection Jun 05 2013 PHD Help Desk 2.12 - SQLi/XSS Jun 02 2013 Kimai v0.9.2 - SQLi May 20 2013 Motorola Surfboard - Multiple Vulnerabilities Apr 20 2013 solving brainpan Apr 02 2013 Protostar solutions - Stack Levels Mar 30 2013 Nebula Solutions - All Levels Mar 30 2013 2012 lshell 0.9.15 pathing vulnerability Dec 30 2012 Solving Hackademic-RTB2 Nov 18 2012 Solving Hackademic-RTB1 Nov 13 2012 FastSpy 2.1.1 Buffer Overflow Oct 03 2012 solving pwn0s v2 Aug 09 2012 solving pwn0s Jun 07 2012