Welcome to Intrigus’ Security Lab. This is my tiny contribution on securing the world’s software by sharing my knowledge.
My research posts can be found here.
So far I have found and published 8 CVEs; the corresponding advisories can be found here.
Latest Posts
- Finding Insecure JWT Signature Validation with CodeQL
  JSON Web Tokens (JWTs) are notorious for implementation vulnerabilities. In this post I show how to find multiple CVEs in applications that use the jwtk/jjwt library.
- ISL-2021-005: Missing Validation of JWT Signature in fxbin/bubble-fireworks
  fxbin/bubble-fireworks before commit 67b2ef4 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT.
- ISL-2021-004: Missing Validation of JWT Signature in grassrootza/grassroot-platform
  grassrootza/grassroot-platform before version 1.3.1 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT. This allows forging a valid JWT and can lead to authentication...
- ISL-2021-003: Missing Validation of JWT Signature in nimble-platform/common
  nimble-platform/common before commit 3b96cb0 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT and can lead to authentication bypasses.
- ISL-2021-002: Missing Validation of JWT Signature in ManyDesigns/Portofino
  ManyDesigns/Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT and can lead to authentication bypasses.
- ISL-2020-004: RCE via MiTM in Texas Instruments' Code Composer Studio
  The insecure configuration of JxBrowser in the "Getting Started" view of Code Composer Studio allows a machine-in-the-middle attack (MiTM) which can be escalated to remote code execution (RCE).
- ISL-2020-003: XSS in w3c/css-validator
  w3c/css-validator is vulnerable to cross-site scripting (XSS) due to insufficient input sanitization.
- ISL-2020-002: Arbitrary File Read/Write in loklak/loklak_server
  Insufficient input validation allowed a directory traversal vulnerability. Any admin config and file readable by the app can be retrieved by the attacker. Furthermore, user-controlled content could be written to...
- ISL-2020-001: Arbitrary File Read/Write in fossasia/susi_server Leading to RCE
  Insufficient input validation allowed a directory traversal vulnerability. Any admin config and file readable by the app can be retrieved by the attacker. Furthermore, some files can also be moved...
- From Arbitrary File Write to RCE Using Git Hooks in fossasia/susi_server
  In this post I show how to achieve remote code execution by chaining multiple smaller vulnerabilities.
- Announcing Intrigus' Security Lab
  Welcome to Intrigus' Security Lab (ISL).
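Several of the advisories above share one bug class: a token is parsed, but its signature is never actually checked, so anyone can forge claims. The following is an added example, not code from this site or from any of the projects listed, showing what that looks like with jjwt and what the hardened call is. It assumes jjwt 0.9.1 (io.jsonwebtoken:jjwt:0.9.1, which pulls in Jackson) and uses a constructed demo secret; the class and method names are mine, and the specific call pattern illustrates the class of bug rather than asserting what any listed project did.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwt;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

import java.nio.charset.StandardCharsets;
import java.util.Base64;

/**
 * Added example (not from Intrigus' Security Lab or any of the advised projects):
 * why parse() is not a signature check in jjwt, and what the hardened call looks like.
 * Assumes jjwt 0.9.1; the method names below are the 0.9.x API.
 */
public class JwtSignatureCheckDemo {

    // Constructed demo secret; a real service loads it from a secret store, never a literal.
    private static final byte[] SECRET =
            "demo-secret-at-least-32-bytes-long!!".getBytes(StandardCharsets.UTF_8);

    /** What a legitimate issuer hands out: an HS256-signed JWS whose subject is the logged-in user. */
    static String issue(String subject) {
        return Jwts.builder()
                .setSubject(subject)
                .signWith(SignatureAlgorithm.HS256, SECRET)
                .compact();
    }

    /**
     * What an attacker sends: a token with an empty signature segment ("header.payload.").
     * No key is needed; the attacker only base64url-encodes two JSON objects of their choosing.
     */
    static String forgeUnsigned(String subject) {
        Base64.Encoder b64 = Base64.getUrlEncoder().withoutPadding();
        String header = b64.encodeToString("{\"alg\":\"none\"}".getBytes(StandardCharsets.UTF_8));
        String payload = b64.encodeToString(
                ("{\"sub\":\"" + subject + "\"}").getBytes(StandardCharsets.UTF_8));
        return header + "." + payload + ".";
    }

    /**
     * VULNERABLE pattern: parse() verifies a signature only if the token carries one.
     * An unsigned token goes straight to the claims, so the configured key is never consulted.
     * parseClaimsJwt()/parsePlaintextJwt() have the same property.
     */
    static String subjectInsecure(String token) {
        Jwt<?, ?> jwt = Jwts.parser().setSigningKey(SECRET).parse(token);
        Object body = jwt.getBody();
        return body instanceof Claims ? ((Claims) body).getSubject() : null;
    }

    /**
     * HARDENED pattern: parseClaimsJws() insists on a JWS. An unsigned token throws
     * UnsupportedJwtException and a wrong signature throws SignatureException (both are
     * JwtException subclasses), so the caller only ever sees claims verified against SECRET.
     */
    static String subjectSecure(String token) {
        try {
            Jws<Claims> jws = Jwts.parser().setSigningKey(SECRET).parseClaimsJws(token);
            return jws.getBody().getSubject();
        } catch (JwtException e) {
            return null; // treat as unauthenticated; log e.getMessage() in a real service
        }
    }

    public static void main(String[] args) {
        String legit = issue("alice");
        String forged = forgeUnsigned("admin");

        System.out.println("insecure parse, legit token  -> " + subjectInsecure(legit));
        System.out.println("insecure parse, forged token -> " + subjectInsecure(forged));
        System.out.println("secure parse,   legit token  -> " + subjectSecure(legit));
        System.out.println("secure parse,   forged token -> " + subjectSecure(forged));
    }
}
```

Compile and run with jjwt 0.9.1 and its Jackson dependency on the classpath. The insecure parse accepts the forged token and reports the attacker-chosen subject, while the hardened parse returns the legitimate subject only for the signed token and rejects the forged one. When reviewing code that uses jjwt, the thing to grep for is therefore which parse method is called, not whether a signing key is set; later jjwt releases (0.12 and up) reject unsigned tokens unless that is explicitly enabled, but code on the 0.9.x to 0.11.x line has to make the right call itself.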