Leakymetry: Circumventing GLPI Authentication 文章描述了GLPI软件中存在的安全漏洞。攻击者可利用未认证访问的update.php脚本获取telemetry信息和令牌，进而访问仪表盘并利用SCSS注入漏洞获取敏感数据（如会话文件），可能导致会话劫持。该漏洞影响GLPI 9.5.0至10.0.16版本，建议升级软件和相关库以修复问题。... 2025-2-26 07:51:56 | 阅读: 7 | 收藏 | Orange Cyberdefense - sensepost.com glpi scss widget telemetry library

PsExec’ing the right way and why zero trust is mandatory 这篇文章分析了PsExec.exe的工作原理，并展示了如何通过Python脚本模拟其行为以绕过特定EDR工具。作者完成了项目并公开了代码，强调了零信任在网络安全中的重要性，并提供了保护措施以防止类似攻击。... 2025-2-10 07:57:49 | 阅读: 9 | 收藏 | Orange Cyberdefense - sensepost.com psexesvc remote issigned psexecsvc swprintf

Getting rid of pre- and post-conditions in NoSQL injections 文章探讨了如何通过NoSQL注入技术绕过预设条件，重点介绍了MongoDB中的操作符注入和语法注入方法。通过利用JavaScript特性、空字节或添加额外字段等技巧，可以有效控制查询结果并绕过部分限制。... 2024-9-2 18:30:14 | 阅读: 7 | 收藏 | Orange Cyberdefense - sensepost.com username injection payload injecting nosql

make prs, not war Reading time ~8 min... 2024-7-8 20:37:28 | 阅读: 22 | 收藏 | Orange Cyberdefense - sensepost.com heart symbolism symbolise rooted

Dumping LSA secrets: a story about task decorrelation While doing an internal assessment, I was able to compromise multiple computers and servers b... 2024-7-4 01:7:10 | 阅读: 38 | 收藏 | Orange Cyberdefense - sensepost.com lsa hives security secretsdump hivetest

From a GLPI patch bypass to RCE IntroductionGLPI is a popular software used by companies, mainly in France. GLPI is usual... 2024-6-20 18:4:24 | 阅读: 31 | 收藏 | Orange Cyberdefense - sensepost.com glpi php injection database proxy

Targeting an industrial protocol gateway Inside industrial systems (also known as Operational Technology, or OT), devices communicate... 2024-5-30 19:19:55 | 阅读: 23 | 收藏 | Orange Cyberdefense - sensepost.com network hms 7412 hicp

Guest vs Null session on Windows If you have been doing internal assessments on Active Directory infrastructure you may have h... 2024-4-19 03:12:5 | 阅读: 25 | 收藏 | Orange Cyberdefense - sensepost.com netexec anonymous poetry windows

From Discovery to Disclosure: ReCrystallize Server Vulnerabilities TL&DR – While on an assessment, I found an instance of ReCrystallize Server. It had many prob... 2024-3-22 15:47:2 | 阅读: 11 | 收藏 | Orange Cyberdefense - sensepost.com software client

Mail in the Middle – A tool to automate spear phishing campaigns ContextIn the chilly month of December 2023, my colleagues Jason (@BreakerOfSigns), Szymo... 2024-2-26 22:32:27 | 阅读: 23 | 收藏 | Orange Cyberdefense - sensepost.com attacker maitm typo phishing recipient

Deck of Cards CTF I created a small crypto style CTF for Black Hat last year (we’re training again this year, c... 2024-2-19 18:39:21 | 阅读: 14 | 收藏 | Orange Cyberdefense - sensepost.com phi exponent modulus inverse khan

Serial PitM Sometimes you need to get in the way of a hardware device and its controller, and see what it... 2024-2-6 23:4:48 | 阅读: 30 | 收藏 | Orange Cyberdefense - sensepost.com socat uart dongle pins baud

Sensecon 23: from Windows drivers to an almost fully working EDR TL;DR I wanted to better understand EDR’s so I built a dummy EDR and talk about it here.... 2024-1-31 16:33:14 | 阅读: 27 | 收藏 | Orange Cyberdefense - sensepost.com mydumbedr dpfltr windows dbgprintex

your contributions, today Reading time ~1 min... 2023-12-20 15:14:53 | 阅读: 27 | 收藏 | Orange Cyberdefense - sensepost.com jacobs dear heart security

Why defend harder won’t work in the long run and what to do instead – arrest criminals Reading time... 2023-12-12 19:21:56 | 阅读: 25 | 收藏 | Orange Cyberdefense - sensepost.com security worthwhile competitive convincing founded

we’re going to bsides cape town 2023 Reading time ~3 min... 2023-11-28 15:17:3 | 阅读: 17 | 收藏 | Orange Cyberdefense - sensepost.com machine talks town cape bsides

Black Hat Card Deck CTF In 2023 we, the training team within Orange Cyberdefense and specifically Ulrich Swart, Matth... 2023-10-31 15:10:26 | 阅读: 9 | 收藏 | Orange Cyberdefense - sensepost.com phi exponent modulus easter chatgpt

P4wnP1 LTE updates After publishing my blog post about running P4wnP1 on an LTE modem, where I explained how to... 2023-10-27 23:12:27 | 阅读: 21 | 收藏 | Orange Cyberdefense - sensepost.com p4wnp1 lte mtu ssh wireguard

Reading Large Files and Perf Reading time ~4 min... 2023-9-19 16:8:18 | 阅读: 19 | 收藏 | Orange Cyberdefense - sensepost.com vanilla seeks buffered memory efficiently

Dress Code – The Talk TL;DR This post is a summary of the contents of my talk in Defcon 31 AppSec Village last... 2023-8-24 00:29:5 | 阅读: 72 | 收藏 | Orange Cyberdefense - sensepost.com attacker facebook directive hotjar security