CODE WHITE - FINEST HACKING
Intelligence Driven Security
Initial Assessment
Security Intelligence Service
About us
PUBLIC VULNERABILITY LIST
UnknownTypeResolver Insecure Type Resolution in Report Server
UnknownTypeResolver Insecure Type Resolution in Reporting
PreAuth Insecure Deserialization in Dynamics 365 Business Central
...
CAREERS
Challenge
Pentester / Redteamer
Threat Intelligence Analyst
BLOG
Leaking ObjRefs to Exploit HTTP .NET Remoting
Exploiting ASP.NET TemplateParser — Part II: SharePoint (CVE-2023-33160)
Exploiting ASP.NET TemplateParser — Part I: Sitecore (CVE-2023-35813)
...
>
CODE WHITE - Finest Hacking
>
Tags
>
Exploitation Technique
Exploiting ASP.NET TemplateParser — Part II: SharePoint (CVE-2023-33160)
Exploiting ASP.NET TemplateParser — Part I: Sitecore (CVE-2023-35813)
From Blackbox .NET Remoting to Unauthenticated Remote Code Execution
Java Exploitation Restrictions in Modern JDK Times
Bypassing .NET Serialization Binders
.NET Remoting Revisited
CVE-2019-19470: Rumble in the Pipe
Exploiting H2 Database with native libraries and JNI
Telerik Revisited
AMF – Another Malicious Format
Return of the Rhino: An old gadget revisited
Reading/Writing files with MSSQL's OPENROWSET
$@|sh – Or: Getting a shell environment from Runtime.exec