Once again, I decided to rewrite an exploit in Golang. Once again, I did thirty seconds of searching to find if someone had already written this one in Golang. Once again, I did…
Let's say you're doing a pentest, and you run across access to AWS Lambda. I recently learned you can get a persistent shell (for 15 minutes, at least) via Lambda, which seemed…
The weather station issues were given CVE 2022 35122 . I contacted the manufacturer in regards to these issues. They responded quickly. I wasn't expecting anything to be done…
This was given CVE 2022 35122. I recently purchased the ECOWITT GW1102 Home Weather Station . It's exactly what it sounds like a mini weather station for your house. It has all…
Prerequisites and Getting Started I sometimes like to spin up a virutal machine in the cloud, do some testing, and then tear it down. It doesn't even have to be for bug bounty…
This was given CVE 2022 25568. As mentioned in my previous posts here and here , I've done a little digging into the conditions that are required for the MotioneEye config file to…
I was given CVE 2021 44255 for this authenticated RCE via a malicious tasks (python pickle) file. So that's fun. Even though it is authenticated, the default username is admin and…
Newer versions of Linux may not come with any sort of Python 2 installed. I recently wanted to run Sharpshooter , which is a "payload creation framework for the retrieval and…
I ran into this maybe two years ago and I didn't even know it was a thing. I was actually trying to order some food (🍕) online and I noticed I could see the braces of a template…
I've been wanting to learn Go, and I learn by doing, so I decided to write a POC for CVE 2021 22205, which is fairly straightforward RCE in Gitlab that dropped a few weeks ago. My…