Recently, during an External Penetration Test, a colleague of mine (Matthew Hier) and I came across some vulnerabilities on a commercial-off-the-shelf (COTS) eCommerce platform called XMPie uStore. The following blog post talks about what we discovered, our recommended remediation, and how we reached out to the vendor and got ghosted …
rumham
(External Blog Post) Web Application Weakness Trends
I am in a fortunate position where I conduct Web Application Penetration Tests quite often. I love it. I get to see all sorts of different types of applications, environments, web technologies, and I’m met with new challenges almost every assessment. It is fun getting creative, learning new attack methods, …
(External Blog Post) Android Penetration Testing After Nougat
A while back I was assigned a mobile application penetration test. I was met with a unique challenge of testing an Android application, but found there to be challenges with Android accepting user-supplied certificates (i.e. Burp Suite cert). Because of this, I couldn’t properly proxy the traffic from my …
TCM Security PNPT Exam / Certification Review (Updated: 2/1/2022)
Update (2/1/2022): I’ve made some small updates and changes to this article since originally posting. 1) Updated CPEH > PNPT. 2) Expanded on realism of exam vs. actual penetration tests. 3) Updated the bottom line. 4) Updated cert badge and certificate at bottom. Quick Facts: Practical exam, no multiple choice …
Your IPv6 is Showing [CarolinaCon]
IPv6 is often seen as a mystical protocol by many folks and it’s scary to think about making the transition from IPv4. What’s even scarier is it’s likely already in place within your organization and attackers can leverage it against you! Further, companies are quickly rolling out IPv6 within their …
Review Board XSS Discovered
This post will be updated with more information soon. A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious JavaScript code when using Markdown editing within the application which remains persistent. Proof-of-Concept: By utilizing the built-in markdown editing, …
Protected: Android Penetration Testing After Nougat
There is no excerpt because this is a protected post.
The CVE Process
I promised I would make a quick post detailing my CVE submission process, so here it is. Initial Discovery October 20th 2020: I initially discovered this vulnerability while performing a Web Application Penetration Test for a client. In doing a bit more research, I found out that there was only …
CVE-2020-28408 & CVE-2020-28409 – Multiple Persistent XSS Discovered in Dundas BI Server
Content here will be expanded upon later; for now this serves as a quick description and write-up. Overview: Dundas BI server has two stable release versions available for download for customers: Version 7.0.2.1009 and Version 8.0.0.1001. Both product versions contain persistent cross-site scripting (XSS) vulnerabilities in the same location. …
Portswigger Web Academy Review
As of late, I’ve been trying to level up my Web App knowledge by going through some Portswigger Web Academy labs and articles. Recently, I’ve just finished the 30 labs required to complete the Cross-Site Scripting (XSS) section, and have really been enjoying it. Since I’ve had a couple people ask …