injection - ZephrSec - Adventures In Information Security

Sign in Subscribe

injection

A collection of 4 posts

Leveraging Expression Language Injection (EL/OGNL Injection) for RCE

bugbounty Featured

Leveraging Expression Language Injection (EL/OGNL Injection) for RCE

Expression Language injection or EL Injection for short is an attack vector I'd never heard of until recently. This post talks about leveraging EL for RCE.

Blind XXE - Hunting in the Dark

Blind XXE - Hunting in the Dark

Before getting into the post, this isn't anything brand new or leet in the area of XML External Entity (Blind XXE) attacks, it is purely something I came across and wanted to share. The tl;dr to start off is essentially: * Found an XXE bug that was blind meaning that

CSV Injection -> Meterpreter on Pornhub

CSV Injection -> Meterpreter on Pornhub

This post will discuss an issue I found regarding CSV injection on Pornhub.com, allowing a remote attacker to inject malicious code into video titles resulting in potential full compromise of content creators and other users. Note: Pornhub have advised that they will no longer be rewarding for this type

CSV Injection Revisited - Making Things More Dangerous(and fun)

CSV Injection Revisited - Making Things More Dangerous(and fun)

In this post, I will discuss several methods and remediation steps that can be used to help escape and mitigate CSV [https://support.office.com/en-gb/article/Import-or-export-text-txt-or-csv-files-5250ac4c-663c-47ce-937b-339e391393ba] (Comma separated values) injection type attacks. For those of you who may not know what CSV injection is or how it occurs,

window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-90NCC2R7PE');