RUMHAM

I’ve found myself giving people plenty of pointers and links that I think helped me out when I was doing the PWK coursework and the labs for OSCP. So because of that, I figured I’d actually collect everything in one spot and I can just refer anyone interested here. I’ll Continue Reading

Recently during an External Penetration Test, a colleague of mine (Matthew Hier) and I came across some vulnerabilities on a commercial-of-the-shelf (COTS) eCommerce platform called XMPie uStore. The following blog post talks about what we discovered, our recommended remediation, and how we reached out to the Vendor and got ghosted Continue Reading

There is a saying in the Marine Corps that many Marines follow: “Complacency kills”. This essentially means that once you let your guard down and get comfortable, that’s when you’re at your most vulnerable. When you’re vulnerable, that’s when things can go sideways real quick. I think it is important Continue Reading

You may find yourself in a situation where you’ve gained some juicy hashes from a previous attack, but you’re unable to crack these hashes into clear-text. Well no worries, you can still look into passing the hash. Prerequisites: Hash obtained from previous attack. See any one of these posts for Continue Reading

I promised I would make a quick post detailing my CVE submission process, so here it is. Initial Discovery October 20th 2020: I initially discovered this vulnerability while performing a Web Application Penetration Test for a client. In doing a bit more research, I found out that there was only Continue Reading

First off let’s get this out of the way. I do not have my OSCP yet. I haven’t even taken the exam yet. (Scheduled, and very excited though). That being said, I completed all of the coursework and documented it, and have now rooted 32 machines. Because of this, it’s Continue Reading

I am in a fortunate position where I conduct Web Application Penetration Tests quite often. I love it. I get to see all sorts of different types of applications, environments, web technologies, and I’m met with new challenges almost every assessment. It is fun getting creative, learning new attack methods, Continue Reading

I purchased the WAPT coursework very shortly after becoming OSCP certified. But naturally, sometimes courses fall by the wayside as life gets in the way. The past two months I finally kicked it in high gear and started working harder on the course and am pleased to say that it Continue Reading

This post will be updated with more information soon. A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent. Proof-of-Concept: By utilizing the built-in markdown editing, Continue Reading

Recently during an External Penetration Test, a colleague of mine (Matthew Hier) and I came across some vulnerabilities on a commercial-of-the-shelf (COTS) eCommerce platform called XMPie uStore. The following blog post talks about what we discovered, our recommended remediation, and how we reached out to the Vendor and got ghosted Continue Reading