Finding Offsets for bl4sty's CVE-2023-4911 Exploit.

bl4sty released a fantastically extendable exploit for the CVE-2023-4911 vulnerability. The exploit code is nice and easy to understand, but after someone asked, I figured it was worth actually documenting how you add

Another way to exploit 'sudo logrotate'.

Just a quick post, I was reading this excellent blogpost showing a way to exploit sudo access to logrotate, and had a quick notion in my head that clobbering /etc/

CVE-2023-39982 - Moxa MXSecurity Hardcoded SSH Hostkeys.

Yesterday, Moxa published an advisory regarding multiple vulnerabilities in their MXSecurity product. Among the issues fixed in the updates the advisory talks about, is a vulnerability I discovered - CVE-2023-39982. First, before I

Cisco SPA112 Forever-Day: CVE-2023-20126.

Note: this is the "main" blogpost for the talk I am giving at BSides Basingstoke 2023. It spawned a dozen or so other blog posts, some of which have yet to