Posts tagged "security"

How I stumbled upon CVE-2021-21702 in PHP’s SOAP extension

Over the past year or so, I’ve really been focused on fuzzing research and the different areas I could apply the techniques and tools I’ve come across/created. During this time, I decided to take a break mainly due to feeling burnt out and went back into web pentesting. While looking for some classes of web vulnerabilities, I focused heavily on XXE (XML External Entity) injection as an attack vector. In order to understand how PHP7 mitigates this class of vulnerability, I looked at the SOAPClient library for parsing returned XML data from a SOAP server. After some trial and error, I was able to identify a null dereference bug in the PHP SOAP library that resulted in CVE-2021-21702.

How Datto manages trust within a fleet of devices

Learn how Datto manages the rollout of trusted root certificates to a fleet of hundreds of thousands of devices without causing a single failed backup!

ROP Chaining on ARM for Research Purposes

Tutorial on how to construct ROP chains from difficult ROP gadgets in ARM assembly.