Pinned | Konstantin Burov | Wapples Web Application Firewall Multiple Vulnerabilities | Remote command execution, hardcoded credentials, backdoored OS account and privilege escalation — All in One vulnerable WAF! | Sep 12, 2022
Pinned | Konstantin Burov | Veeam Backup & “Penetration” — Getting the most out of PenTest | Veeam is a pretty cool tool for backing up VMs. But did you know that it might be a great source of credentials to extract? | Nov 2, 2021
Konstantin Burov | Over 1800 Telegram proxies are potentially vulnerable to RCE since 2018 | The “Erlang mtproto proxy” Github project, which implements the functionality of the Telegram MTProxy protocol on Erlang by Sergey… | Sep 12, 2023
Konstantin Burov | File extension bypass in Responsive FileManager ≤9.5.5 leading to RCE (authenticated) | Exploiting Responsive FileManager ≤9.9.5 file extension bypass bug to get RCE | Dec 2, 2022
Konstantin Burov | CouchDB, Erlang and cookies — RCE on default settings | In this short write-up, I want to share how to get RCE on a system with CouchDB installed on most installations… | Apr 18, 2022
Konstantin Burov | Vulnerabilities in Detrix EDMS, a free document workflow automation program | “Detrix” is a free document workflow automation program. A Kazakhstani product from Andrey Surov, founder of the “Documentolog” EDMS… | Nov 1, 2019