12 November 2023
One of my daily work is to create testbeds to test defense mechanisms. As a result, I am constantly watching for vulnerabilities that I could use in such testbeds. In February 2023, someone discovered a vulnerability in the open-source surveillance software “Zoneminder”. It was a command injection vulnerability that an unauthorized attacker could trigger. Since there was only an advisory on Github without any proof of concept code, I created an exploit and contributed it to Metasploit. I learned a lot about developing modules for the Metasploit framework, and this article summarizes my experiences. To give Zoneminder administrators enough time to patch their systems, I waited more than seven months from releasing a patched version of Zoneminder before releasing this exploit.
2 January 2023
Due to the corona pandemic the chaos communication congress did not take place in 2022. Different hackerspaces created mini-events with talks and workshops instead. One of them was “Fireshonks 2022” which was organized by “Remote Rhein-Ruhr Stage” and “Haecksen”. I had the honour to give a talk about Logrotten - It’s not a Bug.
The full talk is online as a video-stream and was held in german language.
19 November 2022
BSides Vienna 2022 was a wonderful event. There were so many great talks and the location was beautiful. I gave a talk at the BSides Vienna 2022 about my “logrotten” exploit and I think the hacker community liked it. Here is a short description about the talk:
18 April 2022
Identifier: | AIT-SA-20220208-01 |
Target: | Sexy Polling ( Joomla Extension) |
Vendor: | 2glux |
Version: | all versions below version 2.1.8 |
CVE: | Not yet |
Accessibility: | Remote |
Severity: | Critical |
Author: | Wolfgang Hotwagner (AIT Austrian Institute of Technology) |
7 November 2021
I started blogging seven years ago. My blog changed from: “I blog everything that comes into my mind” to “I write about things I do on my computer”. Sometimes it’s about some hardware-projects, sometimes it’s about Linux and in the last years it was a lot about security. I promise I will continue because I have much Fun With Linux.
2 March 2021
Identifier: | AIT-SA-20210215-04 |
Target: | ForkCMS |
Vendor: | ForkCMS |
Version: | all versions below version 5.8.3 |
CVE: | CVE-2020-24036 |
Accessibility: | Remote |
Severity: | Medium |
Author: | Wolfgang Hotwagner (AIT Austrian Institute of Technology) |
2 March 2021
Identifier: | AIT-SA-20210215-03 |
Target: | QCubed Framework |
Vendor: | QCubed |
Version: | all versions including 3.1.1 |
CVE: | CVE-2020-24912 |
Accessibility: | Remote |
Severity: | High |
Author: | Wolfgang Hotwagner (AIT Austrian Institute of Technology) |
2 March 2021
Identifier: | AIT-SA-20210215-02 |
Target: | QCubed Framework |
Vendor: | QCubed |
Version: | all versions including 3.1.1 |
CVE: | CVE-2020-24913 |
Accessibility: | Remote |
Severity: | Critical |
Author: | Wolfgang Hotwagner (AIT Austrian Institute of Technology) |
2 March 2021
Identifier: | AIT-SA-20210215-01 |
Target: | QCubed Framework |
Vendor: | QCubed |
Version: | all versions including 3.1.1 |
CVE: | CVE-2020-24914 |
Accessibility: | Remote |
Severity: | Critical |
Author: | Wolfgang Hotwagner (AIT Austrian Institute of Technology) |