Subin Varghese's Blog

A CyberSec Blog Redefined

Subin Varghese's Blog/

Exploiting Windows RDP Remote Code Execution – CVE-2019-0708

A Critical vulnerability which can be more dangerous as WannaCry was found with Microsoft RDP and is tagged with CVE-2019-0708. The remote code execution vulnerability allows a non-authenticated attacker to execute system commands with administrator [...]

By | 2019-05-16T11:34:29+05:30 May 16th, 2019|Penetration Testing, Web Applications|0 Comments

Exploiting Oracle WebLogic RCE (Multiple Zero-Days)

Oracle WebLogic Server 12c, the world’s first cloud-native, enterprise Java platform enables you to fully realize the benefits of cloud computing. It is been widely used by main stream enterprises for hosting java based applications. [...]

By | 2019-05-09T17:59:36+05:30 May 9th, 2019|Penetration Testing, Web Applications|0 Comments

Exploiting Drupal RCE – CVE-2018-7600 (Drupalgeddon 2.0)

Drupal is an open source platform for building amazing digital experiences. Flexible and highly scalable, Drupal publishes a single web site or shares content in multiple languages across many devices. Drupal recently released a patch [...]

By | 2018-04-16T00:54:33+05:30 April 16th, 2018|Penetration Testing, Tutorials, Web Applications|0 Comments

7002 Linux Security: Got Wurzel – Hacking Lab Write-Up

[infobox style=’info’ static=’1′]Challenge Link: https://www.hacking-lab.com Date Completed: June 2016[/infobox] The Got Wurzel is a challenge posted by Hacking-Lab in their free security challenges area. The challenge is all about connecting SSH to gotwurzel.hacking-lab.com with username = [...]

By | 2018-04-06T10:53:38+05:30 June 2nd, 2016|CTF Challenges, Hacking-Lab|0 Comments

7002 Linux Security: Got Root – Hacking Lab Write-Up

[infobox style=’info’ static=’1′]Challenge Link: https://www.hacking-lab.com Date Completed: May 2016[/infobox] The goal of the challenge is to disclose the content of /root/secret.txt on server gotroot.hacking-lab.com. For that they have given the SSH credentials to connect to [...]

By | 2018-04-05T23:18:12+05:30 May 31st, 2016|CTF Challenges, Hacking-Lab|0 Comments

5020 Password protected ZIP – Hacking Lab Write-Up

[infobox style=’info’ static=’1′]Challenge Link: https://www.hacking-lab.com Date Completed: May 2016[/infobox] The challenge is about breaking the password protected zip file given in the challenge link (Gehem.zip). There are lot of tools available for brute forcing. I [...]

By | 2018-04-06T10:45:52+05:30 May 31st, 2016|CTF Challenges, Hacking-Lab|0 Comments