Vulnerabilities in OCS Inventory 2.4.1
[...]
BlackArrow's Blog - Page 3
Red team & Threat hunting Blog - offensive security
Red Team Tales 0x01: From MSSQL SQL Injection to RCE
Introduction In a Red Team operation, a perimeter asset vulnerable to SQL Injection was identified. Through this vulnera[...]
CVE-2017-11318: RCE in Cobian Backup 11
During a Tarlogic Red Team operation, a serious vulnerability was discovered in Cobian Backup software (CVE-2017-11318) [...]
Backdoors in XAMPP stack (part I): PHP extensions
Web servers exposed to the Internet are a traditional entry point during penetration tests and Red Team exercises. Ensur[...]
How to make a keylogger in PowerShell?
The creation of a keylogger in PowerShell during the development of a Tarlogic Red Team exercise was necessary. And give[...]
How to bypass disable_functions and open_basedir
In the last edition of HackRon, in our talk “The Red Team always wins” we tackled some techniques used duri[...]
Persistence in WordPress using backdoors in SQL
Introduction to backdoors in SQL Using backdoors in SQL as a persistence method in compromised web environments is not o[...]