FYHTECH | FUN WITH LINUX

FYHTECH

FUN WITH LINUX

Security(55)

AttackMate A modern open source tool for automating cyberattack (17 Nov 2024 | Tags: AttackMate, Security, News)
BalCCon2k24 was amazing (24 Sep 2024 | Tags: Security, ccc, Event, News)
FIWARE Keyrock: Command Injection in Organisationname (12 Aug 2024 | Tags: Programming, Web, Security, Ruby, Rails, CVE)
FIWARE Keyrock: Command Injection in Applicationname (12 Aug 2024 | Tags: Programming, Web, Security, Ruby, Rails, CVE)
FIWARE Keyrock: Activation of any new user (12 Aug 2024 | Tags: Programming, Web, Security, Ruby, Rails, CVE)
FIWARE Keyrock: Deactivate 2-factor-auth of any user (12 Aug 2024 | Tags: Programming, Web, Security, Ruby, Rails, CVE)
FIWARE Keyrock: Manipulate passwords of any user (12 Aug 2024 | Tags: Programming, Web, Security, Ruby, Rails, CVE)
Contributing a Metasploit Exploit (12 Nov 2023 | Tags: Security, Programming, Ruby)
Fireshonks 2022: Logrotten (02 Jan 2023 | Tags: logrotate, Security, News)
BSidesVienna 2022: Logrotten. (19 Nov 2022 | Tags: logrotate, Security, News)
SexyPolling SQL Injection (18 Apr 2022 | Tags: PHP, Programming, Web, Security, CVE)
ForkCMS PHP Object Injection (CVE-2020-24036) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
QCubed Cross Site Scripting (CVE-2020-24912) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
QCubed SQL Injection ( CVE-2020-24913) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
QCubed PHP Object Injection (CVE-2020-24914) (02 Mar 2021 | Tags: PHP, Programming, Web, Security, CVE)
Offensive Security Web Expert(OSWE) (13 Jul 2020 | Tags: Security, News, Certification)
Creative Contact Form: Directory Traversal (CVE-2020-9364) (09 Mar 2020 | Tags: Programming, Security, CVE)
OpenVPN: updating /etc/resolv.conf (26 Dec 2019 | Tags: Linux, Programming, Sysadmin, Bash, openssl, Security, Tricks, Downloads)
BSides 2019: Code diving for pop chains (11 Dec 2019 | Tags: Programming, Security, News)
OkayCMS: Unauthenticated remote code execution (02 Dec 2019 | Tags: Programming, Security, Web, CVE)
FreeRadius: Privilege Escalation via Logrotate (02 Dec 2019 | Tags: Programming, Sysadmin, C, Security, CVE, logrotate)
I "tried harder" and passed another exam (10 Nov 2019 | Tags: Security, News, Certification)
CVE-2019-15741: Privilege Escalation via Logrotate in Gitlab Omnibus (04 Oct 2019 | Tags: Linux, Programming, Sysadmin, Security, git, CVE, logrotate)
Privilege escalation in groonga-httpd (CVE-2019-11675) (07 May 2019 | Tags: Linux, Programming, Sysadmin, C, Security, Debian, CVE, logrotate)
Anatomy of a Linux container rootkit (07 May 2019 | Tags: Linux, Programming, C, Docker, Security, Kernel)
Details of a logrotate race-condition (01 May 2019 | Tags: Linux, Programming, Sysadmin, C, Security, logrotate)
Abusing a race condition in logrotate to elevate privileges (14 Jan 2019 | Tags: Programming, Sysadmin, C, Security, logrotate)
I "tried harder" and passed the exam (08 Jan 2019 | Tags: Security, News, Certification)
What the hack is "E-Brief" (08 Dec 2018 | Tags: Security, News)
Full Disclosure: Remote-Command-Execution in PHKP (08 Oct 2018 | Tags: Programming, Sysadmin, Security, CVE)
cryptorecord 0.9.2 released (17 May 2018 | Tags: Programming, Security, Crypto, Network, Ruby, Downloads, Download)
Postfix: verified TLS with DANE (14 May 2018 | Tags: Linux, Mail, Sysadmin, Security, Email, Crypto)
Thoughts about DNSsec (08 May 2018 | Tags: Sysadmin, Security, Crypto, Network)
Suricata: stack-based buffer-overflow in ParseFilename (06 Apr 2018 | Tags: Security, Suricata)
Remote-Code-Execution in Suricata-Update (06 Apr 2018 | Tags: Security, Suricata, CVE)
OpenElec: CVE-2017-6445 revisited (25 Jun 2017 | Tags: Security)
Dangerous remote Linux-Kernel bug(CVE-2016-10229) discovered (14 Apr 2017 | Tags: Security, External)
Nasty Cisco bug discovered (20 Mar 2017 | Tags: Security, News, External)
OpenElec: Remote Code Execution Vulnerability through Man-In-The-Middle(CVE-2017-6445) (03 Mar 2017 | Tags: Security, OpenElec, CVE)
Apaches "File-Extension-Feature" (01 Feb 2017 | Tags: Security, apache)
Privilege Escalation in VirtualBox (CVE-2017-3316) (26 Jan 2017 | Tags: Security, Virtualization, CVE)
Utility to query certificate-transparency-database (13 Jan 2017 | Tags: Security, Tricks, Crypto, External)
Exploiting Recursion in the Linux Kernel (15 Aug 2016 | Tags: Linux, Security, External, Kernel)
Using ssh-keygen (08 Jul 2016 | Tags: Linux, Sysadmin, Security, Tricks, Shell)
End-To-End-Encryption for messengers (03 Jun 2016 | Tags: Security, Crypto)
Shorewall: setup Geo-IP filtering (06 Apr 2016 | Tags: Linux, Sysadmin, Security, Network, Firewall, Toscom)
Lets Encrypt this blog... (19 Mar 2016 | Tags: Security, Crypto, News, Blog)
Static arp-cache on dhcp-servers (13 Feb 2016 | Tags: Linux, Sysadmin, Security, Tricks, Network)
Route to nowhere - Blocking attackers using Nullroutes (04 Feb 2016 | Tags: Linux, Sysadmin, Security, Network, Firewall)
Check /etc/shadow for accounts with empty passwords (11 Jan 2016 | Tags: Linux, Sysadmin, Security, Tricks)
Firewall Evasion-Techniques (18 Sep 2015 | Tags: Linux, Sysadmin, Security, Firewall)
Sophos Virus-Scan is now free (30 Jun 2015 | Tags: Linux, Sysadmin, Security, Virus)
Debian Jessie: nrpe without command-args (28 May 2015 | Tags: Linux, Nagios, Sysadmin, Debian, Security)
Logjam ( Attacks against Diffie-Hellman) (21 May 2015 | Tags: Sysadmin, Crypto, Security)
check-script for zonetransfers (16 Dec 2014 | Tags: Sysadmin, One-Liner, Security)

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti