Backdooring OpenResty Servers

Just a quick note from an experiment I ran while reading this blog post from Talos about the ongoing Cisco shitshow. I noticed the attackers used a configuration directive for the OpenResty webserver

Finding Offsets for bl4sty's CVE-2023-4911 Exploit.

bl4sty released a fantastically extendable exploit for the CVE-2023-4911 vulnerability. The exploit code is nice and easy to understand, but after someone asked, I figured it was worth actually documenting how you add

Another way to exploit 'sudo logrotate'.

Just a quick post: I was reading this excellent blog post showing a way to exploit sudo access to logrotate, and had a quick notion in my head that clobbering /etc/ld.so.preload

CVE-2023-39982 - Moxa MXSecurity Hardcoded SSH Hostkeys.

Yesterday, Moxa published an advisory regarding multiple vulnerabilities in their MXSecurity product. Among the issues fixed in the updates the advisory talks about is a vulnerability I discovered - CVE-2023-39982. First, before I