Monthly Archives: May 2016

Oracle Command Execution – From SYS to shell!

As it has come up a few times in my personal engagements, I figured it was time to do a writeup on Oracle command execution.

Continue reading

1 Comment

Filed under Security Not Included

Exploiting init.d for Fun and Profit

Exploiting init.d scripts based on security misconfigurations is a common, and generally easier to exploit, vector for privilege escalation. I’d like to cover an example of such an exploit this week, as well as an easy way to come across these.

Continue reading

4 Comments

Filed under Security Not Included

New Desktop Assembly

Since I’m all settled back in the states, it was finally time for my new desktop assembly.

Continue reading

5 Comments

Filed under Security Not Included

Google Domains and Let’s Encrypt

Continuing with the theme of improving my website and hosting, I transferred my domain to Google and setup a Let’s Encrypt certificate this past week.

Continue reading

2 Comments

Filed under Security Not Included