Posts

Hacking Concrete5 – ProBlog 2.6.6 & ProEvent 2.8.5 (CSRF, XSS, Side Effects)

Mon, May 23, 2016
Overview: I talk about the last C5 plugin exploit I found; The CSRF & XSS exploit; Side Effects; Hackerone Suggestions; Timeline.
Last Time: My last security report here concerned the ProEvents Concrete5 plugin. After the Portland Labs team reviewed the developer’s plugins, they posted on their blog that they were unable to find any further vulnerabilities. I figured I would take a crack at it and see what I could find.

When Security Reports Go Ignored – Hacking Concrete5’s ProEvent Plugin

Thu, Apr 14, 2016
Overview: In this post I will walk you through the vulnerability discovery in a PHP plugin. This, combined with some interesting side effects in Concrete5 itself, will allow us to develop an exploit to open a remote shell. Concrete5.7.5.6; ProEvent Plugin 2.8.1; Ubuntu 14.04 with standard LAMP install.
SQL Injection Discovery: In January of 2016 I was reviewing the ProEvent Concrete5 plugin that I had purchased and stumbled across a major vulnerability.

Understanding When To Use Channels Or Mutexes In Go

Sat, Jan 23, 2016
Problem Domain: Community - “Share Memory By Communicating”; Interpretation - “CHANNEL ALL TEH THINGZ!”
Because many developers come from backgrounds (PHP, Ruby, Perl, Python) where, unlike Go, concurrency is not a first-class citizen, they struggle when learning about it. But they apply themselves and take the time to dig into Go’s concurrency model. And just as they finally feel they’ve come to grips, something painful happens. The developer decides to use their newfound super-power (goroutines + channels) for absolutely everything and it suddenly becomes an anti-pattern.

How to get punched in the face by Go’s Standard Library (and arguably my own stupidity)

Tue, Jun 24, 2014
Ever have one of those days? An “I forgot to add a semicolon to terminate a line” type of day? Yeah, me too. And today was one of them. Many developers, when allowing user-uploaded data, tend to trust the web browser’s headers a little too much. I prefer to use MIME type sniffing on the actual binary stream. This gives me a greater level of assurance that I’m not allowing a user to upload a different type of file than the one I desire.

How To: Shove data into Postgres using Goroutines(Gophers) and GoLang

Tue, Oct 29, 2013
After watching Rob Pike’s wonderful golang talk, ‘Concurrency Is Not Parallelism’, in which he uses the analogy of having many Gophers running around and getting work done, I realized that I wanted to program a test to better solidify the concept.
Rob Pike – ‘Concurrency Is Not Parallelism’
Recently, a pain point for me while using Play! and Scala was finding a fast way to insert data into a Postgres database.

Hacking Java Bytecode for Programmers (Part4) – Krakatau And The Case Of The Integer Overflow

Tue, Jun 25, 2013
Index: Hacking Java Bytecode for Programmers (Part1) - The Birds and the Bees of Hex Editing; Hacking Java Bytecode for Programmers (Part2) - Lions, and Tigers, and OP Codes, OH MY!; Hacking Java Bytecode for Programmers (Part3) - Yes, disassemble with Javap ALL OVER THE PLACE!; Hacking Java Bytecode for Programmers (Part4) - Krakatau And The Case Of The Integer Overflow.
Introduction: A funny thing happened on the way to crafting my next blog post.

Hacking Java Bytecode for Programmers (Part3) – Yes, disassemble with Javap ALL OVER THE PLACE!

Tue, May 28, 2013
Index: Hacking Java Bytecode for Programmers (Part1) - The Birds and the Bees of Hex Editing; Hacking Java Bytecode for Programmers (Part2) - Lions, and Tigers, and OP Codes, OH MY!; Hacking Java Bytecode for Programmers (Part3) - Yes, disassemble with Javap ALL OVER THE PLACE!; Hacking Java Bytecode for Programmers (Part4) - Krakatau And The Case Of The Integer Overflow.
Introduction: In Part 2, I showed you, at a high level, what Java Opcodes are, and I also walked you through how to manipulate Strings inside of the compiled code.

Hacking Java Bytecode for Programmers (Part2) – Lions, and Tigers, and OP Codes, OH MY!

Fri, May 17, 2013
Index: Hacking Java Bytecode for Programmers (Part1) - The Birds and the Bees of Hex Editing; Hacking Java Bytecode for Programmers (Part2) - Lions, and Tigers, and OP Codes, OH MY!; Hacking Java Bytecode for Programmers (Part3) - Yes, disassemble with Javap ALL OVER THE PLACE!; Hacking Java Bytecode for Programmers (Part4) - Krakatau And The Case Of The Integer Overflow.
Introduction: In Part 1, I showed you the basics of Hexadecimal, Hex Editors, and Java Bytecode.

Hacking Java Bytecode for Programmers (Part1) – The Birds and the Bees of Hex Editing

Tue, May 14, 2013
Index: Hacking Java Bytecode for Programmers (Part1) - The Birds and the Bees of Hex Editing; Hacking Java Bytecode for Programmers (Part2) - Lions, and Tigers, and OP Codes, OH MY!; Hacking Java Bytecode for Programmers (Part3) - Yes, disassemble with Javap ALL OVER THE PLACE!; Hacking Java Bytecode for Programmers (Part4) - Krakatau And The Case Of The Integer Overflow.
Tools & References: Ubuntu 12.10; Java 1.7.0_15; Python 2.7; xxd; Bless Hex Editor; http://en.wikipedia.org/wiki/Java_bytecode; http://en.wikipedia.org/wiki/Hexadecimal; http://linuxcommand.org/man_pages/xxd1.html
Audience: Required: You should be comfortable in Linux (1+ years). Required: You should be comfortable writing scripts (1+ years). Desired: You have written web, desktop, or mobile applications (1+ years). Desired: You have programmed in Java and Python (6 months).
What is Hexadecimal?