I updated this post to add in prowlarr support. But here is the updated docker-compose.yml. version: '3.8' services: pms-docker: container_name: plex network_mode: host ...

I’ve continued my quest to translate exploits into Golang. Here is an RCE in Webmin due to broken access controls. Please see the following links for more information. https://nvd.nist.gov/vuln/de...

Edit: These were given CVE-2022-43263 and CVE-2022-43264. I found these vulnerabilities in the latest version of Guitar Pro (1.10.2) on the iPad and iPhone. Neither one is that great of a concern,...

I was doing a security review of CrushFTP, a multi-platform FTP application, and I came across a DoS stemming from lack of validation of user input. Originally, I thought there was broken function...

Once again, I decided to rewrite an exploit in Golang. Once again, I did thirty seconds of searching to find if someone had already written this one in Golang. Once again, I did not find a preexist...

Let’s say you’re doing a pentest, and you run across access to AWS Lambda. I recently learned you can get a persistent shell (for 15 minutes, at least) via Lambda, which seemed odd to me because a...

Edit: The weather station issues were given CVE-2022-35122. I contacted the manufacturer in regards to these issues. They responded quickly. I wasn’t expecting anything to be done about the issues...

Edit: This was given CVE-2022-35122. I recently purchased the ECOWITT GW1102 Home Weather Station. It’s exactly what it sounds like - a mini weather station for your house. It has all the usual se...

Prerequisites and Getting Started I sometimes like to spin up a virutal machine in the cloud, do some testing, and then tear it down. It doesn’t even have to be for bug bounty hunting, but since I...

Edit: This was given CVE-2022-25568. As mentioned in my previous posts here and here, I’ve done a little digging into the conditions that are required for the MotioneEye config file to be world vie...