aLLy – HackMag

Log4HELL! Everything you must know about Log4Shell

Date: 01/06/2022

Author: aLLy

Up until recently, just a few people (aside from specialists) were aware of the Log4j logging utility. However, a vulnerability found in this library attracted to it a great attention from researches nowadays. Let’s take a closer look at the origin and operation mechanism of this bug and examine the available exploits to it.

Read full article →

Bug in Laravel. Disassembling an exploit that allows RCE in a popular PHP framework

Date: 13/01/2022

Author: aLLy

Bad news: the Ignition library shipped with the Laravel PHP web framework contains a vulnerability. The bug enables unauthorized users to execute arbitrary code. This article examines the mistake made by the Ignition developers and discusses two exploitation methods for this vulnerability.

Read full article →

Secret of the widget. Exploiting a new severe vulnerability in vBulletin

Date: 20/11/2021

Author: aLLy

In September 2019, the CVE-2019-16759 vulnerability was discovered in the vBulletin forum engine. The bug enabled any user to execute arbitrary commands in the system and even resembled a backdoor. The developers have promptly fixed it, but in August 2020, a new possibility to bypass the patch and exploit the last year’s security hole was found.

Read full article →

Security hole in BIG-IP. Exploiting a new vulnerability in F5 products

Date: 06/09/2021

Author: aLLy

In July 2020, a severe vulnerability was identified in the F5 product line. The bug affects inter alia BIG-IP, an application delivery controller used by many major companies, including banks and mobile operators. The vulnerability received the highest severity index because it allows unprivileged attackers to gain full control over the target system.

Read full article →

Holes in the hole. Vulnerabilities in Pi-hole allow to seize control over Raspberry Pi

Date: 01/06/2021

Author: aLLy

Three severe vulnerabilities have been recently discovered in Pi-hole, a popular app that blocks advertisement and unwanted scripts. Two of these vulnerabilities result in remote command execution, while the third one allows to escalate your privileges to root. Let’s examine the origin of these bugs and concurrently find out how to detect vulnerabilities in PHP code and Bash scripts.

Read full article →

Ghostcat. How to exploit a new RCE vulnerability in Apache Tomcat

Date: 19/10/2020

Author: aLLy

This article addresses a vulnerability in Apache Tomcat that enables the attacker to read files on the server and, under certain conditions, execute arbitrary code. The problem lies in the implementation of the AJP protocol used to communicate with a Tomcat server. Most importantly, the attacker does not need any rights in the target system to exploit this vulnerability.

Read full article →

DoS attacks on ModSecurity: Exploiting critical bug in popular WAF

Date: 31/08/2020

Author: aLLy

A critical vulnerability resulting in a denial-of-service error has been recently discovered in ModSecurity, a popular web application firewall (WAF) for Apache, IIS, and Nginx. The bug is truly severe: not only does the library stop working, but applications using it as well. Let’s see what was the mistake of the ModSecurity developers and how we, ethical hackers, can exploit this vulnerability in our penetration tests.

Read full article →