poniedziałek, 22 sierpnia 2016

Testing SQL injections in com_virtuemart 3.0.14


Yesterday after I finally finished Jomlash module I decide to check the latest com_virtuemart component. The version I tried was 3.0.14. As far as I know, “the latest” one …

sobota, 20 sierpnia 2016

joomlash - new test in grabash.py

During couple of last few days I had a chance to check grabash code again. I am aware that this is still not even 'first' final version ;) so there is always something 'todo' or to fix to get better results from the scan. So, yeah, any feedback is welcome.

wtorek, 16 sierpnia 2016

Axis2 LFI module for CTF

Few weeks ago I tried to solve Axis2 CTF from VulnHub. It was a lot of fun. As far as there is a grabash, I decided to create small module for Metasploit to exploit LFI bug in that virtual machine...