Author: gonczor

Black Sheep Suspends

I hoped it wouldn’t happen, but looking back at the last few months I must say I can’t meet the goals I’ve set for myself. I don’t have time to learn new things; the last few posts have either been publishing materials I prepared earlier for a different occasion, or things that didn’t require much effort. This […]

NodeJS Deserialization

This is a Pentester Academy challenge writeup. It required exploiting the CVE-2017-5941 vulnerability in a NodeJS server application during deserialization to trigger an RCE. Warning: this is a writeup, so it contains spoilers. I am changing it a little bit in order to save you from revealing everything. Application Server consisted of two endpoints: / […]

