iq.thc.orgBypassing noexec and executing arbitrary binariesTL;DR: Execute a binary on a Linux system when execution is not allowed (e.g. restricted PHP environment, read-only filesystem or noexec mount flag). By using only Bash and making syscall(2)’s from Bash (!) and piping the ELF binary straight from the...Oct 10, 2024·7 min read
messede.hashnode.devExtracting Go EmbedsThis article was originally written and published on 0x00sec.org, it was moved here after 0×00sec became defunct. Backdrop I was recently working on a go based web app which used a Golang feature called embeds, lets say you had to distribute/share a ...May 4, 2023·8 min read
messede.hashnode.devGenieACS And The Tale Of Default JWT SecretsThis article was originally written and published on 0x00sec.org, it was moved here after 0×00sec became defunct. BackDrop: I was surfing shodan the other day and found a interesting piece of software called GenieACS, which is a opensource "Auto Conf...Jan 1, 2023·4 min read
messede.hashnode.devBypassing SNI filtering : Feat DPITunnel, Zapret and GenevaThis article was originally written and published on 0x00sec.org, it was moved here after 0×00sec became defunct. I was recently browsing a anti-censorship awesome list and came across few tools with some really cool tricks to bypass SNI based filter...Sep 2, 2022·10 min read
messede.hashnode.devScanning WAN's And Stalking Strange DevicesThis article was originally written and published on 0x00sec.org, it was moved here after 0×00sec became defunct. Backdrop Last month while haphazardly scrolling through a networking book i came across something known as the shared address space, sha...Jun 20, 2021·9 min read