Contact us today.

Subscribe me to your mailing list

Alexey Tyurin

PeopleSoft Security. Part 1: Overview of architecture

Oracle PeopleSoft applications are quite complex and consist of many components, so their security is not a simple thing. While there is almost no research on PS security, successful attacks against such systems happen from time to time. That’s why we decided to start series of articles about some aspects of PS security.
Read more..

Struts2 DevMode RCE with Metasploit module

Struts2 is a very powerful and popular Java framework. It is widespread, being used in many large and less large enterprise applications. This summer, a critical vulnerability was found in Struts2. It was an OGNL injection which led to RCE. It is simple, requires no auth, and works against almost all versions (except the latest one).
Read more..

I can find your internal ERP system

The first step of any attack is to collect the information about a target. One of the most important resources for that purpose is Google (or another search engine) with its google dorking (hacking). You can find a lot of interesting information there, especially if your target is a big enterprise. The engine’s spiders crawl the Internet with its many, many sites, and we can dive into the information which they have collected for us.
Read more..

SSRF via WS-Adressing

Many people still think that SSRF is only about XXE vulnerabilities but, as I have already presented at the POC conference, there is a bunch of different places in XML-based protocols  (WS family, XBRL, BPEL, etc.) and in business applications where we can put a link to other resources.
For example, WS-Adressing.
Read more..

NetBIOS spoofing for attacks on browser

Some time ago during a pentest, the NetBIOS protocol got my attention, in particular NetBIOS naming and its co-work with DNS. In spite of having a long-time distribution, NetBIOS is a protocol which doesn’t have many security mechanisms. I think that many interesting things are born in different technologies’ intersection, so I started a little research and I would like to show some results of it.
Read more..

Universal way to bypass Group Policy by Limited User.

The group policy is a powerful feature of the Windows OS. From Wiki: “Group Policy is a set of rules which control the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications and users’ settings in an Active Directory environment”
Read more..