@maen

Bypass rate limiting in TCL MW45AD to achieve privileges escalation | CVE-2024-25277

Feb 25, 2024 · 3 min read · Intro A strory of CVE-2024-25277 There is a chain of designing flaws in the source code that result in bypass rate limiting to achieve privileges escalation via brute-forcing login endpoint. First things first, let's understand the flaws in the sourc...

Story of SSRF from Stored XSS in PDF generator application

Dec 9, 2023 · 3 min read · Introduction PDF generator libraries, particularly those implemented using JavaScript, often face vulnerabilities to cross-site scripting (XSS) attacks, posing a challenge to the security of web applications. One primary reason for this lies in the d...

1

Send Linux commands to a remote PC(or server) from WhatsApp

Feb 4, 2022 · 4 min read · Inspiration Some years back, I wanted to link two systems talking to each other through Linux commands. It was just a project out of curiosity, and wasn't even a serious one. I didn't know Twilio or Plivo or any other platform related. I tried to die...

BBernard commented

Using Tuya Link SDK to build water level monitoring system.

Jan 4, 2022 · 6 min read · Hardware devices required Raspberry Pi Ultrasonic sensor Jumper wires Software required Tuya IoT platform Link SDK python package Tuya Smart app (mobile app) Getting started with Tuya IoT platform Create an account in the platform. If you already...

Contribute like a Pro.

Nov 28, 2021 · 3 min read · Refresh From Part 1 of this article, we discussed about --no-ff flag when merging. It helps to keep track of log messages of events happened in your sub-branch (feature branch) and you can easily roll back. Now lets look something else... Releasing p...