Proof Of Concept Development

Study PHP Unserialize Object Injection in Yet Another Stars Rating plugin by using Docker Security Playground

First of all, update the DSP laboratory: on the <dsp>:8080/repository page, click Update All. Now you should see the lab in the /labs section. Press F5 if you are not able to see it. We need to create a live processing way to update between multiple tabs. If it is the first installation, you need to […]

Using Docker Security Playground to create unserialize() Object Injection in Yet Another Stars Rating laboratory

In the previous post I described how it is possible to use Docker to set up a Docker environment to study the Yet Another Stars Rating WordPress plugin https://wpscan.com/vulnerability/9207. Here I am going to show you how you can configure a vulnerable environment by using Docker Security Playground. Docker Security Playground installation Install DSP is […]

CVE-2020-2229 JENKINS UP TO 2.251/LTS 2.235.3 TOOLTIP STORED CROSS SITE SCRIPTING

In this post, I show how I created the Proof of Concept for CVE-2020-2229. I found a vulnerable version, Jenkins 2.249, during a penetration test. I was trying to investigate available exploits for this vulnerability, but I did not find anything. Well, Jenkins is an amazing wonderful project, the best way that I […]
