[CVE-2023-22855] Kardex MLOG - Insecure path join to RCE via SSTI
Kardex MLOG has an insecure path join, which allows to include files locally or from a remote smb server. In combination with the template rendering of .t4 files a SSTI is possible and allows for RCE. This blog post will describe how I found this vulnerability and how to leverage it to gain a reverse shell.
Can an AI design a CTF Challenge in Golang?
In this blog post I want to test the new ChatGPT AI and see if I can design a ctf challenge written in golang aided by the AI.
My journey to OSWE
This blog post will give an insight into the world of becoming an Offensive Web Expert and how it did compare to OSEP
Bug Bounty - Cross-site request forgery is a thing
In this post I will explain when CSRF can be a serious issue. I will use an example for which I got promoted $2.400 as bounty.
I hacked the german armed forces, and all I got …
This blog post will describe my adventure with the german armed forces and how I earned more than just a lousy T-Shirt. Topic: Vulnerability Disclosure Policy - Deutsche Bundeswehr