Jangggg's Blog

Jangggg's Blog

Follow

Archive (22)

Gitlab Project Import RCE Analysis (CVE-2022-2185)

Jul 20, 2022 · Jang

Bình cũ rượu mới và Sharepoint Post-Auth RCE (CVE-2022-29108)

May 12, 2022 · Jang

Build CodeQL DB without source code

Jun 23, 2021 · Jang

A Quick Look at CVE-2021–21985 VCenter Pre-Auth RCE

Jun 5, 2021 · Jang

Làm ATTT là làm gì? (“0day hunter” — Vulnerability Research)

May 30, 2021 · Jang

Phân tích lỗ hổng SolarWinds Orion Deserialization to RCE (CVE-2021–31474)

May 25, 2021 · Jang

Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021–28482)

Apr 26, 2021 · Jang

GSM in your Area (Làm thế nào để giả mạo cột sóng, giả mạo SMS Brandname)

Mar 26, 2021 · Jang

Phân tích lỗ hổng ProxyLogon — Mail Exchange RCE (Sự kết hợp hoàn hảo CVE-2021–26855 +…

Mar 10, 2021 · Jang

Làm An toàn thông tin là làm gì? (nghề kiểm thử xâm nhập — pentest)

Feb 21, 2021 · Jang

How does the Semmle Core works [Part 2]

Jan 13, 2021 · Jang

How does Semmle core/CodeQL works? Góc nhìn phiến diện về cách hoạt động của CodeQL! [Part 1]

Jan 12, 2021 · Jang

HPE System Insight Manager (SIM) AMF Deserialization lead to RCE(CVE-2020–7200)

Dec 22, 2020 · Jang

(0.5 day) Micro Focus Operations Bridge Manager Pre-Auth Deserialization to RCE

Nov 18, 2020 · Jang

Weblogic RCE by only one GET request — CVE-2020–14882 Analysis

Oct 28, 2020 · Jang

CVE-2020–4280 — IBM QRadar Java Deserialization Anlysis (and bypass)

Oct 20, 2020 · Jang

CodeQL thần chưởng [part 2]

May 27, 2020 · Jang

CodeQL thần chưởng [part 1]

May 21, 2020 · Jang

The Art of Deserialization Gadget Hunting [part 3] (How I found CVE-2020–2555 by known tools!)

Mar 12, 2020 · Jang

[GadgetChain] GadgetProbe — Blind ClassPath guessing

Feb 19, 2020 · Jang

The Art of Deserialization Gadget Hunting [part 2]

Feb 14, 2020 · Jang

The Art of Deserialization Gadget Hunting

Feb 1, 2020 · Jang