From open redirect to RCE in one week by Anton ??? In this | PT SWARM
From open redirect to RCE in one week
by Anton ???
In this write-up the author tells a story of chaining multiple vulnerabilities to achieve RCE on several hosts of Mail.ru (VK). The exploit chain consists of following bugs: Open Redirect, Unsafe Deserialization, Kohana hack, LFI for Logs.
Contents: * Intro * Functionality that caught my attention * Possible scenarios * Open redirect * Deserialization * Kohana * Chaining all together * Logs * Null bytes * Last poison
Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...