F5 BIG-IP iControl REST vulnerability CVE-2022-1388

Good afternoon to every security researcher. I would like to share my experience of finding announced vulnerability by internal F5 security team and writing the exploit for CVE-2022-1388. You can read more about this vulnerability on thehackernews or helpnetsecurity. iControl REST is an API for interaction between scripts and F5 device, used to manage and control that device automatically. Based on the details of the mitigation, the problem should be somewhere in the Connection: header....

May 9, 2022 · 5 min · Matus Bursa

How find a vulnerable server on the internet?

NOTICE: Educational purposes only! Hi, I want to show you how easy it is to find a vulnerable server on the internet. Okey guys, so now, firstly we need to have some TOR client for anonymity ;) Before we begin, look at the following tools tor nyx proxychains-ng shodan curl nmap $ tor & $ nyx -i 127.0.0.1:9052 Then we can test, if the tor is working correctly with proxychains...

January 24, 2020 · 3 min · Matus Bursa

.grsec patch size_overflow

I think you sure know linux kernel patches from grsecurity. In follow tweet you can read about size overflow in patch from grsec. This is the fail in the @grsecurity patch. How did this pass review? ... a security patchset has code review, right? pic.twitter.com/gincZXdQrU — Hector Martin (@marcan42) April 25, 2016 So what is the problem in this patch? When you change int (signed value) to size_t (unsigned value), you have to be sure you are saving unsigned value....

April 29, 2016 · 1 min · Matus Bursa