Spaceraccoon's Blog 32

• Universal Code Execution by Chaining Messages in Browser Extensions Jul 7, 2024
• Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973) May 27, 2024
• Back to the (Clip)board with Microsoft Whiteboard and Excalidraw in Meta (CVE-2023-26140) Feb 4, 2024
• Hacking HP Display Monitors via Monitor Control Command Set (CVE-2023-5449) Oct 31, 2023
• Passing the New OSEE Exam After Forgetting Everything Oct 7, 2023
• Rule Writing for CodeQL and Semgrep Apr 8, 2023
• I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS Dec 17, 2022
• Challendar: Creating a Challenge for The Infosecurity Challenge 2022 Sep 19, 2022
• Exploiting Improper Validation of Amazon Simple Notification Service SigningCertUrl Aug 29, 2022
• You Have One New Appwntment: Exploiting iCalendar Properties in Enterprise Applications Aug 18, 2022
• Embedding Payloads and Bypassing Controls in Microsoft InfoPath Jun 18, 2022
• Solving DOM XSS Puzzles Feb 3, 2022
• 2Q21: New Year's Reflections Dec 31, 2021
• The InfoSecurity Challenge 2021 Full Writeup: Battle Royale for $30k Nov 26, 2021
• All Your (d)Base Are Belong To Us, Part 2: Code Execution in Microsoft Office (CVE-2021-38646) Oct 22, 2021
• All Your (d)Base Are Belong To Us, Part 1: Code Execution in Apache OpenOffice (CVE-2021-33035) Sep 29, 2021
• Down the Rabbit Hole: Unusual Applications of OpenAI in Cybersecurity Tooling Sep 17, 2021
• ROP and Roll: EXP-301 Offensive Security Exploit Developer (OSED) Review and Exam Jun 23, 2021
• Life's a Peach (Fuzzer): How to Build and Use GitLab's Open-Source Protocol Fuzzer May 22, 2021
• Offensive Security Experienced Penetration Tester (OSEP) Review and Exam Mar 11, 2021
• Applying Offensive Reverse Engineering to Facebook Gameroom Feb 2, 2021
• Supply Chain Pollution: Hunting a 16 Million Download/Week npm Package Vulnerability for a CTF Challenge Dec 23, 2020
• Supply Chain Pollution: Hunting a 16 Million Download/Week npm Package Vulnerability for a CTF Challenge Dec 23, 2020
• Imposter Alert: Extracting and Reversing Metasploit Payloads (Flare-On 2020 Challenge 7) Dec 3, 2020
• Beat The Clock: The CSIT InfoSecurity Challenge Sep 18, 2020
• Open Sesame: Escalating Open Redirect to RCE with Electron Code Review Aug 14, 2020
• Closing the Loop: Practical Attacks and Defences for GraphQL APIs May 15, 2020
• Same Same But Different: Discovering SQL Injections Incrementally with Isomorphic SQL Statements Apr 5, 2020
• A Tale of Two Formats: Exploiting Insecure XML and ZIP File Parsers to Create a Web Shell Feb 18, 2020
• Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2 Jan 12, 2020
• Low-Hanging Apples: Hunting Credentials and Secrets in iOS Apps Dec 29, 2019
• From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13 Dec 15, 2019