Cet article introduit le sujet de l'exploitation de vulnérabilités dans la gestion de la mémoire basée sur le tas.

Le round de qualifications pour le CTF privé de la Nuit du Hack, organisé par Sysdream, se déroulera entre le 30 mars 2018 à 23h59 (11:59PM CEST, UTC+0200) et le 31 mars 2018 23h59 (11:59PM CEST, UTC+0200).

We found and reported some XSS vulnerabilities in Grav CMS, a markdown based content management platform.

The Hershell project is a Go source code that is able to generate a reverse shell payload that is cross-platform and able to integrate with the Metasploit framework, among several other features like low detection rate with antivirus and TLS encryption.

Le projet Hershell a pour but de réaliser un payload de type reverse shell multi-plate-forme, en utilisant un code source unique réalisé en Go.

Il peut ainsi s'intégrer au framework Metasploit avec un bon niveau de furtivité vis-à-vis des solutions antivirales.

Gespage is web solution providing a printer portal. Official Website: http://www.gespage.com/

The web application does not properly filter several parameters sent by users, allowing XSS code injection. These vulnerabilities allow attackers to inject code inside the client web browser, such as malicious scripts in Javascript. Exploitation leads to a full takeover of the web browser, and potentially the operating system.

Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/

The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection (Stacked Queries - comment).

These vulnerabilities could allow attackers to retrieve / update data from the database through the application.

We have been looking for a quick and universal signature which could work on all Windows versions during DMA attacks.

This article describes how we achieved this along this the proof of concept code.

SYSDREAM a obtenu la qualification PASSI, un label d’exigence et de confiance pour nos audits et pentests !

FortiWeb is a Web Application Firewall (WAF) produced by the Fortinet company. It enables users to set security filters between unsecured networks and Web applications.

Official website: https://www.fortinet.com/products/application-security/fortiweb.html

We found a password disclosure inside the UI of the appliance.