TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Apr 28, 2024
A Comprehensive Guide to Learning Smart Contract Security: From Scratch to Advanced
Introduction: Welcome to your journey into the world of smart contract security! This guide will take you through all the necessary steps to understand and master the art of building secure decentralized applications (dApps). We will explore various r...
Tags: Smart Contracts

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Nov 23, 2023
Unveiling the Unauthenticated Command Execution Vulnerability in Cisco IOS XE System WebUI
https://tutorialboy24.blogspot.com/2023/11/unveiling-unauthenticated-command.html
This article will analyze and summarize the recent critical CVEs (CVE-2023-20198, CVE-2023-20273) in Cisco IOS XE. Environment Setup: A Cisco ISR 4300 router for resea...
Tags: #cybersecurity

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Aug 30, 2022
An Open Source apps Leads to XSS to RCE Vulnerability Flaws
Cross-Site Scripting (XSS) is one of the most commonly encountered attacks in web applications. If an attacker can inject JavaScript code into the application output, this can lead not only to cookie theft, redirection, or phishing but also in some...
Tags: Open Source

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Aug 30, 2022
How To Exploit PHP Remotely To Bypass Filters & WAF Rules
This is the first of two vulnerable PHP scripts that I’m going to use for all tests. This script is definitely too easy and dumb but it’s just for reproducing a remote code execution vulnerability scenario (probably in a real scenario, you’ll do a lit...
Tags: PHP

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Aug 16, 2022
Cross-Site Scripting Vulnerabilities in Elementor Impact Over 65 Million Websites - CVE-2022-29455
Introduction: WordPress is used by more than 60 million websites, including 33.6% of the top 10 million websites as of February 2022, WordPress is one of the most popular content management system solutions in use. These third-party components pose a ...
Tags: Elementor · 2 likes

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Aug 16, 2022
A Heap Buffer Overflow in the Linux Kernal Leads to Root Privileges - CVE-2022-34918
I presented a vulnerability found within the Netfilter subsystem of the Linux kernel. During my investigation, I found a weird comparison that does not fully protect a copy within a buffer. It led to a heap buffer overflow exploited to obtain root pr...
Tags: cybersecurity · 1 like

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Aug 5, 2022
A Rolling-PWN Attack Vulnerability Leads to Unlock or Start Vehicles Remotely - CVE-2022-27254
Introduction: Modern vehicles are often equipped with a remote keyless entry system. These RKE systems allow unlocking or starting the vehicle remotely. The goal of our research was to evaluate the resistance of a modern-day RKE system. Our research d...
Tags: Security · 1 like · 33 reads

TutorialBoy for TUTORIALBOY · tutorialboy24.hashnode.dev · Aug 5, 2022
An OGNL Injection Remote Code Execution (RCE) Vulnerability on Atlassian Confluence (CVE-2022-26134)
Atlassian published a security advisory about a critical severity Unauthenticated Remote Code Execution vulnerability affecting Confluence Server and Data Center. According to the advisory, the vulnerability is being actively exploited and Conflue...
Tags: atlassian · 44 reads