Categories • Page 5/5

Security research

Here’s where our security researchers analyze and share insights about the latest vulnerabilities, providing details on how they work, or how to exploit them.

Security research

How to exploit the PHAR deserialization vulnerability

At Blackhat US-18, Sam Thomas introduced a new way to exploit PHAR Deserialization Vulnerabilities in PHP. See which stream wrapper this new type of attack abuses and how it works.

Author(s)

Alexandru Postolache

Published at: 29 May 2020

Security research

How to detect the Microsoft SMBGhost vulnerability with Pentest-Tools.com

For the past couple of weeks, a critical RCE vulnerability found in Microsoft Server Message Block 3.1.1 (SMBv3) has kept both the Microsoft users and the security community on their toes. To help our customers better detect if their Windows hosts were affected by the critical SMBGhost vulnerability, we developed and added a new, dedicated scanner on Pentest-Tools.com.

Author(s)

Ioana Rijnetu

Published at: 23 Mar 2020

Security research

How to detect the SACK Panic vulnerability with Wireshark

The security team at Pentest-Tools.com has recently performed an in-depth analysis of the SACK Panic vulnerability (which was first disclosed in June 2019) to find out its exploitability against Linux machines. Throughout this research, we’ve identified a new method to detect vulnerable servers using Wireshark, the popular network traffic analyzer.

Author(s)

Stefan Bratescu

Published at: 09 Jan 2020

Security research

Capital One, CafePress, Suprema data breaches and their root causes

In this article, we discuss some of the most recent data breaches, what are their root causes, and how to better secure your most valuable personal information and other digital assets.

Author(s)

Ioana Rijnetu

Published at: 15 Oct 2019

Security research

Analysis of recent Exim mail server vulnerabilities

For the past months, multiple critical vulnerabilities were found in Exim mail servers that could allow attackers to gain remote access and perform malicious activities: CVE-2019-16928, CVE-2019-15846, and CVE-2019-10149.

Author(s)

Ioana Rijnetu

Published at: 10 Oct 2019

Security research

How to exploit the BlueKeep vulnerability with Metasploit

In this article, we show our approach for exploiting the RDP BlueKeep vulnerability using the recently proposed Metasploit module.

Author(s)

Published at: 10 Sep 2019

Security research

BlueKeep, the Microsoft RDP vulnerability - What we know so far

BlueKeep is a critical security flaw found in Microsoft Remote Desktop Services that was making the headlines for the past two months. In this article, we explore the key facts about this vulnerability.

Author(s)

Ioana Rijnetu

Published at: 23 Jul 2019

Security research

Exploiting SQL Injection in Magento Using Sqlmap

In this article we show a new method of exploiting the critical SQL Injection vulnerability in Magento (CVE-2019-7139), using the well known SQLMap tool.

Author(s)

Alexandru Postolache

Published at: 14 Jun 2019

Security research

Analysis of a WordPress Remote Code Execution attack

This article shows our analysis of a known attack (presented in February 2019) against WordPress versions 5.0.0 and lower, awarding an intruder with arbitrary code execution on the webserver. The article covers each exploitation step and HTTP request required for a successful attack.

Author(s)

Razvan Ionescu

Published at: 21 May 2019

Security research

Exploiting OGNL Injection in Apache Struts

Let’s understand how OGNL Injection works in Apache Struts. We’ll exemplify with two critical vulnerabilities in Struts: CVE-2017-5638 (Equifax breach) and CVE-2018-11776.