Hi guys, what’s up!

Orange Tsai published a really interesting writeup on their discovery of CVE-2019-1003000, an unauthenticated remote code execution (RCE) in Jenkins. There was a box from HackTheBox.eu that ran Jenkins, and while the configuration wasn’t perfect for this kind of test, I decided to play with it and see what I could figure out. I’ll get the exploit working with a new payload so that it runs on the Windows environment.

Exploit Background

Jenkins has a Pipeline feature which is implemented in Groovy. The exploit author discovered that the user could issue an unauthenticated GET request to provide Groovy Meta-Programming input…


Hello guys, today I am sharing a method on how to be completely anonymous.
These steps are used by black hat hackers. (Only for educational purposes)
Always remember, a VPN alone won’t make you anonymous :(
So let's get started:
Requirements: Computer/Laptop, Brain, Basic knowledge of computer and some tools

We will discuss further about them…

Step 1:-

Don’t use Windows

Windows is full of loopholes. These holes may allow spyware to infest, completely overcoming all your anonymity efforts.

What you should use to avoid tracking??

Always use open source operating systems like , and etc.

Step 2:-

Always…


7 Terms Should be in Mind While Writing A Report

Description is the introduction part of the report. This can be considered as a short explanation of the report title, where the reporter gives general information of the vulnerable endpoint or component, followed by the type and causes of the vulnerability found.

Reproduction is the most important part of the report. Written in the attacker’s perspective, this includes detailed steps for the security team to follow. Attached images, proof-of-concept files or captured video links can be used to help explain some of the complicated steps. …


Hey….! Hackers, we all remember the time when we used to create a bunch of applications to check for vulnerabilities in Android applications. Then Drozer came into existence, an open source all-in-one combination to check your application against known vulnerabilities….!

To know about installation and set up, you can check the attached PDF or .

Instead of wasting anymore of your time, let’s get started with the question — What can we do with Drozer?

Drozer can mainly execute the following tasks:

  1. Retrieving Package Information: We can retrieve packages present in the connected devices, we can also…


Some of the most common questions out there in the industry are “what is your methodology?” or “how do you look for bugs”? This post will be an attempt to answer that from the point of view of an average and continuously learning bug hunter. This has certainly evolved over time, and will certainly continue to evolve. There are many great, existing resources on the subject, but this post will look to answer these questions in a bit of a different way. This will also hopefully be different in the sense that it’s not coming from someone who has been…


Summary:

There is an Open Redirect on due to the application not checking the value passed by the user to the “url” parameter.

Description:

Unchecked redirects occur when an application redirects to a destination controlled by attackers. This often occurs in functionality returning users to a previous page, e.g. after authenticating.

An attacker can control the value of the “url” parameter and make it redirect to a malicious endpoint.

Steps To Reproduce:

Here is a proof of concept to demonstrate how an open redirect occurs. Please note that this particular example is not a vulnerability and just here for demonstration purposes.


This post is about a misconfiguration in password reset I found on a popular help desk software some time ago where they were leaking the reset token. And guess what? This was not in the Referer header :D but right in the response of the request itself.

In this case one could initiate password reset for an account and immediately receive the reset token for that account.

The request looked like the following:

POST /api/v1/base/password/reset HTTP/1.1
Host: [team_name].redacted.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5 …


Hi guys, what’s up! This is Naveen, a security researcher. Here I’m presenting my research on unrestricted file upload vulnerabilities.

In this article, we are going to learn about

  1. what is unrestricted file upload vulnerability?
  2. what we can do with this?
  3. Types of filters and filter bypass techniques
  4. Exploitation

What is file upload vulnerability?

File upload vulnerability is a major problem with web-based applications. In many web servers, this vulnerability depends entirely on purpose, that allows an attacker to upload a file with malicious code in it that can be executed on the server. …

Naveenroy

Security Researcher, CTF Player, Cyber Expert
