8 questions
0 votes, 0 answers, 30 views
PDU interactions with the RDP
I'm working with CVE-2019-0704 (BlueKeep) and have found myself working with PDU protocols. I understand the surface-level, but I need a deeper understanding of the ways that it interacts with the RDP ...
0 votes, 1 answer, 334 views
How to verify if an RCE attack using JSON and the JavaScriptSerializer with SimpleTypeResolver actually works in .NET Framework 4.8
When attempting to recreate an RCE attack using the unsafe configuration of JavaScriptSerializer with the SimpleTypeResolver I am not seeing any actual effect of my supposed malicious payload. I've ...
-1 votes, 1 answer, 85 views
What threat model does disable_functions assume in PHP? [closed]
disable_functions allows disabling certain functions in PHP that are deemed "dangerous". However, I’m finding it difficult to grasp what kind of threat model such a feature assumes. If you ...
0 votes, 1 answer, 201 views
RCE on a Cloud Function in GCP
Can we talk about remote code execution in a serverless? Let's say I have a Cloud Function in GCP that's vulnerable to RCE. If an attacker uses the right payload, will he be able to execute commands ...
0 votes, 0 answers, 230 views
How does Spring prevent request body deserialization attacks?
I have read about deserialization attacks recently and I wonder how Spring prevents JSON injections. For example, let’s consider a request body of a POST request, we can instantiate an arbitrary ...
5 votes, 1 answer, 8k views
How to fix the security vulnerability in system.drawing.common 4.7.0 package referred by Microsoft.EntityFrameworkCore.SqlServer(6.0.3)?
In Visual Studio 2022, API project created using .NET Core 6.0.6 runtime, we are using Microsoft.EntityFrameworkCore.SqlServer 6.0.3 nuget package. But recently found that there is a security ...
1 vote, 1 answer, 2k views
Webshell upload in Django webapp
What file can be uploaded on a webapp built on Django framework if it's allowing unrestricted file upload? When I uploaded a shell.py it simply rendered as text in the browser but HTML and JavaScript ...
0 votes, 2 answers, 151 views
MediaWiki treats CLTF text as RCE
Help. I have a weird problem on a MediaWiki 1.37.2 install. We (me & the musician) are trying to get a wiki going for Clan Lord Tune Format music (like midi but with a–g, "." for flat, &...