I’m Abdel Adim Oisfi aka smaury.Job: CEO, Security Researcher, Penetration Tester at Shielder.Passions: Hacking, hitchhiking, cliff jumping and skinned knees.
By smaury
27/04/2020
1-click RCE on Keybase
Keybase client allowed inject arbitrary links with arbitrary protocols. This caused a Remote Command Execution on Windows and MacOS.
Keybase Bug Bounty RCE Exploit
5
Min
13/04/2019
Exploiting Apache Solr through OpenCMS
Exploiting a known XXE in Apache Solr through OpenCMS handleSolrSelect, to read arbitrary files from the OpenCMS' server.
Exploit PoC Apache Solr XXE Encoding OpenCMS
7