Tag: python exploits

Love thy scripture – XXE

Injection, pentest, WAAS, Web Attacks, webdev

Post author By Munir
November 21, 2018
No Comments on Love thy scripture – XXE

XXE (Extensible Markup Language External Entity) is a common type of injection which occurs in applications that fail to sanitize XML input; This is particularly common with web services. The XML input in a webservice can be considered as a description of data so that two systems can have a common language to communicate with […]

Tags api, API attacks, dtd, firewall bypass, injection, out of band, python exploits, SOAP, web attack, xml injection, xxe

Long Live Traversals and LFI

LFI, Web Attacks

Post author By Munir
July 7, 2017
No Comments on Long Live Traversals and LFI

Ladies and gentlemen ; I have gathered you here today to discuss the life of another fallen one. It is with great sadness that we announce the LFI on BOA webserver ; BOA is a favorite among many using embedded nix systems to use as a webserver due to its efficiency but alas it has […]

Tags arbitrary file access, boa exploit, boa webserver exploit, cgi-bin exploit, exploit development, FILE_CAMERA exploit, LFI, python exploits, wapopen exploit