tl;dr

• Zip Slip Vulnerability + YAML Deserialization Attack + Race Condition
• Unintended Solution: Upload symlink leading to arbitarary file reads

tl;dr

• Digging into windows registry to find process run counts.
• Extracting and parsing AmCache to find the hash of process images

tl;dr

• Hand-crafting a linux shared object file with a size of less than 194 bytes

tl;dr

• Disk Dump extraction.
• USB leftover Capture data extraction.
• Zip file cracking.

tl;dr

• Linux userspace exploitation by parsing ELF for symbol addresses with an arbitrary read

tl;dr

• Memory dump analysis using Volatility.
• Extracting Keepass Master Password from the memory.
• Extracting flag from ZIP archive attached in the Keepass database.

tl;dr

• RAID recovery
• JPEG image extraction from lost disk

In this blog, we are going to share the experience of creating our first electronic badge.

In this blog, we will be discussing the new functions we got to bypass PHP disable_functions and also the other tricks to do the same.

tl;dr

• Linux heap exploitation with arbitary free vulnerability