InfoSec Blog

thezero

Sono thezero, Security Researcher e Senior Penetration Tester in Shielder.
In ufficio sono quello che usa il saldatore. Non solvo nessuna Crypto.

How to Decrypt Manage Engine PMP Passwords

05/09/2022

How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale

Learn how to decrypt Manage Engine Password Manager Pro (PMP) passwords after exploiting CVE-2022-35405.

14

Min

Fiscal Printer Architecture

16/05/2022

Printing Fake Fiscal Receipts - An Italian Job p.2

Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.

8

Min

Fiscal Printer Architecture

19/04/2022

Printing Fake Fiscal Receipts - An Italian Job p.1

Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.

8

Min

SmartContract

05/04/2022

A Sneak Peek into Smart Contracts Reversing and Emulation

Introduction to web3 security, Smart Contract Reversing (bytecode and decompiled code level) and EVM emulation with Qiling.

8

Min

Qiling

21/03/2022

Reversing embedded device bootloader (U-Boot) - p.2

In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.

4

Min

Qiling

08/03/2022

Reversing embedded device bootloader (U-Boot) - p.1

In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.

10

Min

Qiling

21/07/2021

QilingLab – Release

Release of the QilingLab challenge.

3

Min

NotSoSmartConfig example run

20/04/2020

NotSoSmartConfig: broadcasting WiFi credentials Over-The-Air

Security analysis of the SmartConfig procol by Espressif and publishing of the NotSoSmartConfig tool, able to retrieve WiFi credentials from a PCAP.

4

Min

XXE to RCE via XML file opening

24/10/2019

Don’t open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, …

The LSP4XML library used by many IDE and editors was affected by an XXE which lead to RCE exploitable by just opening an XML file.

6

Min

OpenStack's noVNC XSS

19/10/2019

Exploiting an old noVNC XSS (CVE-2017-18635) in OpenStack

OpenStack was using an old version of noVNC affected by a DOM-based XSS that allowed attackers to steal VM tokens and take over VMs.

4

Min