Home Web Hacking

Web Hacking

Videos and tips about web security and bug bounty

GitLab 11.4.7 Remote Code Execution

Video write-up about the Real World CTF challenge "flaglab" that involved exploiting a GitLab 1day. Actually two CVEs were combined to achieve full remote code execution...

Do NOT use alert(1) in XSS

Using the alert(1) XSS payload doesn't actually tell you where the payload is executed. Choosing alert(document.domain) and alert(window.origin) instead tells you about where the code is being run, helping you determine whether you have a bug you can submit.

Authentication Bypass in CodeIgniter Due to Empty SQL Where Clause

A while ago I came across this tweet, showing off a weird authentication bypass. Based on my experience in auditing websites this didn't make sense to me, so I tried to figure out the root cause. During this process I believe I have identified two potential coding anti-patterns that are

Support LiveOverflow?

You can support the free educational IT security content through various means. Find out more here.

Link copied to clipboard.
You've successfully subscribed to LiveOverflow
Great! Next, complete checkout for full access to LiveOverflow
Welcome back! You've successfully signed in.
Unable to sign you in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.