How to exploit the DotNetNuke Cookie Deserialization
We looked at around 300 DotNetNuke deployments in the wild and discovered that one in five installations was vulnerable to CVE-2017-9822. That includes governmental and banking websites. As part of this research, we discovered a Remote Code Execution vulnerability exploitable through DNN Cookie Deserialization in one of the U.S. Department Of Defense’s biggest websites. After having responsibly reported it through HackerOne, the DOD solved the high-severity vulnerability and disclosed the report, with all details now publicly available.
Author(s): Cristian Cornea | Published at: 10 Jun 2020 | Updated at: 13 Apr 2023

Detect & exploit the latest CVEs + more automation updates
“Great and getting even better” is what we commit to with each monthly update we roll out on Pentest-Tools.com.
Author(s): Ioana Rijnetu | Published at: 05 Oct 2021 | Updated at: 11 May 2023

How we detect and exploit Log4Shell to help you find targets using vulnerable Log4j versions
We’re breaking down our technique for detecting CVE-2021-44228 (Log4Shell) because we believe our users should understand what’s happening behind the scanners so they can avoid a false sense of security.
Author(s): Adrian Furtuna | Published at: 17 Dec 2021 | Updated at: 11 May 2023

Essential HTTP Headers for securing your web server
In this article, we discuss the most important HTTP headers that you should configure on your web server in order to improve its security.
Author(s): Satyam Singh | Published at: 22 Oct 2018 | Updated at: 18 Jul 2023

Behind the Tools: Răzvan Ionescu on the growth mindset, insatiable curiosity, and being comfortable with change in ethical hacking
At Pentest-Tools.com, we use our managed pentesting services to learn from our customers and listen to them. Every one of us works hard to understand what users need and why, feeding that knowledge into the platform while we continue to learn and grow as individuals and as a team. That’s why we eat our own dog food and we always practice what we preach.
Author(s): Ioana Rijnetu | Published at: 03 Sep 2021 | Updated at: 18 Oct 2023

How to exploit a Remote Code Execution vulnerability in Laravel (CVE-2021-3129)
I discovered this vulnerability for the first time in the Horizontall machine from Hack The Box, and the conditions in which it’s triggered pushed me to understand it in more detail. CVE-2021-3129 reminds me of a log poisoning vulnerability, but with a different flavor.
Author(s): Iulian Tita | Published at: 03 Mar 2022 | Updated at: 26 Oct 2023

How to Exploit the BlueKeep Vulnerability with Metasploit
In this article, we show our approach for exploiting the RDP BlueKeep vulnerability using the recently proposed Metasploit module.
Author(s): Razvan Ionescu, Stefan Bratescu, Cristin Sirbu | Published at: 10 Sep 2019 | Updated at: 11 Jul 2023

March updates: Spring4Shell: find and confirm exploitable targets and more updates
If you instantly thought of Log4Shell when Spring4Shell emerged just a few days ago, you’re not alone. A coolheaded analysis reveals this CVE is not as severe as last year’s Log4j vulnerability. Nevertheless, it remains a priority in terms of detection and patching. Here’s why.
Author(s): Ioana Rijnetu | Published at: 11 Apr 2022 | Updated at: 28 Nov 2023