Similar to the other heap exploitation attacks that we have seen so far, the idea behind the House of Lore (HoL) is to trick malloc into returning a pointer to a memory location which is con
In the previous three blogs (JNDI Injection Series: RMI Vector — Fundamentals, JNDI Injection Series: RMI Vector — Dynamic Class Loadin
Serialization refers to the process of converting a multi-dimensional object into a flattened format which can be persisted to disk or sent ov
Heyyy Everyoneee, In this write-up, I will be sharing my findings related to ESI (Edge Side Include) Injection which I and my friend nytr0gen found on a Private bug bounty prog
Disclosing this vulnerability in Google Smart speakers bagged the author a bounty of $100k 😲 Hey 👋 Welcome to the #IWWeekly40 — the Monday newslet
We introduced the fundamentals of the RMI system in the previous blog. In this blog, we will move on to see how RMI can be exploited to