by Julien Ahrens | Sunday, April 29, 2012 | General
Hello readers, There are good and there are bad “webmasters”. I suppose that everyone who has ever reported (or better: tried to report) a security issue on a website to the responsible webmaster, faces at least one time in his or her life the problem of...
by Julien Ahrens | Saturday, April 21, 2012 | Uncategorized
Just a short notice as an addendum to IA2: A new version (1.6) of the “Free WMA MP3 Converter” by eusing.com has been released which is still vulnerable to the same issue like all versions before. The interesting part here ? Well I’ve noticed the...
by Julien Ahrens | Wednesday, April 11, 2012 | Advisory
This time I have found a non-persistent xss vulnerability on one of Germany’s country-government websites. Immediatley after the finding (on 2012-03-11), I have noticed the webmaster about the vulnerability, but….no reaction. I noticed them 2 further times...
by Julien Ahrens | Friday, March 30, 2012 | Certifications
Great news! I just received an email from Armando Romeo from eLearnSecurity that I have PASSED the eCPPT exam :-)!!! In December 2011 I decided to take the course “Certified Professional Penetration Tester” provided by eLearnSecurity which is...
by Julien Ahrens | Wednesday, March 21, 2012 | Advisory, Exploit, RCE
This time I’ve found a more critical vulnerability with a CVSSv2 score of 7,5 coordinated by Secunia.com which has already been published on 2012-03-01, but due to a very unfortunate way of communication by Secunia, I haven’t been informed about the...
by Julien Ahrens | Friday, March 9, 2012 | Uncategorized
Hello readers, I recently found a local buffer overflow vulnerability in Pitrinec Macro Toolworks v7.5.0, which is very easy to exploit at all. For demonstration purposes I will show you one possible way of getting your own shellcode to run using this overflow. There...
by Julien Ahrens | Monday, February 27, 2012 | Advisory
My first vulnerability advisory published through Vulnerability-Lab.com – a great community of vulnerability researchers, who add a real value to the process of finding and disclosing vulnerabilities to vendors. I’ve been looking for quite a long time...
by Julien Ahrens | Tuesday, February 21, 2012 | Uncategorized
About an old, but useful application and just to prove it’s there: #!/usr/bin/python # Exploit Title: DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC # Version: 1.5.1 # Date: 2012-02-21 # Author: Julien Ahrens # Homepage: https://www.rcesecurity.com #...
by Julien Ahrens | Saturday, January 21, 2012 | Uncategorized
I’ve found a local stack buffer overflow vulnerability in “Free WMA MP3 Converter” version 1.5 which could lead to a remote shell when using the proper shellcode. This exploit is slightly different compared to the others out there: It’s for the...
by Julien Ahrens | Sunday, January 8, 2012 | Uncategorized
Here’s my first realapplication vulnerability :-). Since this is only a small bug with nobigger impact its severity is therefor considered as “low”. [IA1] GPSMapEdit v1.1.73.2 (.lst) Local Denial of Service Vulnerability Details =============...
