Sunday, May 17, 2020

WeirdAAL update - get EC2 snapshots

I watched a good DEF CON video on abusing public AWS Snapshots https://www.youtube.com/watch?v=-LGR63yCTts I, of course, wanted to check thi...
Monday, April 27, 2020

The Duality of Attackers - Or Why Bad Guys are a Good Thing™

The Duality of Attackers - Or Why Bad Guys are a Good Thing™ It’s no secret I've been on a spiritual journey the last few years. I ...
6 comments:
Friday, March 13, 2020

What is your GCP infra worth?...about ~$700 [Bugbounty]

BugBounty story #bugbountytips A fixed but they didn't pay the bugbounty story... Timeline: reported 21 Oct 2019 validated at Cr...
Monday, December 16, 2019

Devoops: Nomad with raw_exec enabled

"Nomad is a flexible container orchestration tool that enables an organization to easily deploy and manage any containerized or legacy...
Tuesday, May 14, 2019

Minecraft Mod, Follow up, and Java Reflection

After yesterday's post , I received a ton of interesting and creative responses regarding how to get around the mod's restrictions w...
Monday, May 13, 2019

Minecraft Mod, Mother's Day, and A Hacker Dad

Over the weekend my wife was feeling under the weather. This meant we were stuck indoors and since she is sick and it's Mother's day...
Tuesday, March 5, 2019

Jenkins - CVE-2018-1000600 PoC

second exploit from the blog post https://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.html Chained with CV...