Articles by myst404 (@myst404_)

CVE-2024-45844: Privilege escalation in F5 BIG-IP

Published on Thu 17 October 2024 by myst404 (@myst404_)

This article describes the root cause of CVE-2024-45844 in F5 BIG-IP.

 

Deep diving into F5 Secure Vault

Published on Tue 04 June 2024 by myst404 (@myst404_)

This article describes in detail how the F5 Secure Vault works. Security weaknesses were found during this analysis.

 

Post-Exploiting an F5 Big-IP: root, and now what?

Published on Wed 29 May 2024 by @lowercase_drm, myst404 (@myst404_)

This article describes multiple post-exploitation techniques specific to F5 BIG-IP. It includes capabilities like intercepting/decrypting TLS traffic or decrypting secrets in the Secure Vault. Detection methods are provided for Blue Teams.

 

Playing with GZIP: RCE in GLPI (CVE-2020-11060)

Published on Tue 12 May 2020 by myst404 (@myst404_)

GLPI is vulnerable to a Remote Code Execution (RCE) via the backup feature (CVE-2020-11060).

 

Multiple vulnerabilities in GLPI

Published on Tue 12 May 2020 by myst404 (@myst404_)

Multiple vulnerabilities affect GLPI (CVE-2020-5248, CVE-2020-11034, CVE-2020-11035, CVE-2020-11036 and CVE-2020-11062), including a static key used to encrypt sensitive data, an Open Redirect, and several XSS.

 

(Super) Magic Hashes

Published on Mon 07 October 2019 by myst404 (@myst404_)

Magic hashes are well-known specific hashes used to exploit Type Juggling attacks in PHP. Combined with bcrypt limitations, we propose the concept of Super Magic Hashes. These hashes can detect 3 different vulnerabilities: type juggling, weak password storage and incorrect bcrypt usage. A Go PoC found some MD5, SHA1 and SHA224 super magic hashes.