Posted on 7 June 2023 by Tijme Gommers.

Using services such as GitHub or VirusTotal, it is possible to find leaked code signing certificates. For some, the password can be cracked, after which they can be used to sign malicious code. In this blog post I explain this process, including responsible disclosure measures.

Posted on 16 May 2023 by Tijme Gommers.

Dell's DBUtil kernel driver is vulnerable for an arbitrary kernel memory read/write (CVE-2021-21551). This blog describes how to utilise it in a Cobalt Strike (CS) Beacon Object File (BOF) to perform kernel exploitation. As an example, we escalate privileges to NT AUTHORITY\SYSTEM.

Posted on 19 April 2021 by Tijme Gommers.

By abusing an HTTP Request Smuggling vulnerability on Outlook Web Access (OWA) for Exchange, it is possible to steal credentials of unsuspecting Active Directory users trying to authenticate to OWA.

Posted on 30 April 2018 by Tijme Gommers.

Strange features in the Solidity programming language allow scammers to create faulty smart contracts (honeypots) on the ethereum blockchain.

Posted on 26 October 2017 by Tijme Gommers.

Using a mathematical model of security it is possible to calculate the position of roadblocks as (cost) efficiently as possible in case of a direct terrorist threat.

Posted on 28 April 2017 by Tijme Gommers.

Not Your Average Web Crawler (NYAWC) is a Python package that enables you to crawl web applications for requests instead of URL's. With NYAWC you can execute your malicious payload on all in-scope requests of a web application.

Posted on 6 January 2017 by Tijme Gommers.

By abusing an insecure cryptographic storage vulnerability and a reflected server cross-site-scripting vulnerability it is possible to steal and decrypt the password from a McDonald's user.

Posted on 5 December 2016 by Tijme Gommers.

Swift doesn't support placeholders in UITextView's natively, so here is the proper way to implement a placeholder in a UITextView. You can do it yourself in under 1 minute.