Chris LyneinTenable TechBlogStored XSS to RCE Chain as SYSTEM in ManageEngine ServiceDesk PlusGaining SYSTEM access via the help desk software10 min read·Aug 17, 2021----
Chris LyneinTenable TechBlogDumping PHP Opcodes Protected by SourceGuardianA detailed account of how I modified the Vulcan Logic Dumper to view PHP instructions protected by SourceGuardian22 min read·Jan 11, 2021----
Chris LyneinTenable TechBlogTP-Link Takeover with a Flash DriveCrafting symbolic links to root a TP-Link AC17508 min read·Nov 9, 2020----
Chris LyneinTenable TechBlogExamining a Phishing Vector in Plex Media ServerTechnical vulnerability analysis in Plex Media Server5 min read·Jun 16, 2020----
Chris LyneinTenable TechBlogRemapping Python OpcodesI’ll take you step by step through how I recovered the source code of remapped compiled Python opcodes.9 min read·May 7, 2020----
Chris LyneinTenable TechBlogGetting Root on macOS via 3rd Party Backup SoftwareChaining vulnerabilities in Druva inSync for local privilege escalation9 min read·Apr 22, 2020----
Chris LyneinTenable TechBlogInadequate Patch in Hewlett Packard Enterprise iMC 7.3 E0703Background5 min read·Oct 1, 2019----
Chris LyneinTenable TechBlogAn Exploit Chain Against Citrix SD-WANMultiple vulnerabilities to pivot through the Citrix SD-WAN7 min read·Jul 11, 2019----
Chris LyneinTenable TechBlogIntro to CakePHP for Bug HuntersA short guide to help you fast track your hunt8 min read·Jun 12, 2019--4--4
Chris LyneinTenable TechBlogVerizon Fios Router Authenticated Command InjectionRooting the Verizon Fios Quantum Gateway7 min read·Apr 9, 2019----