Posts By: malwrforensics

Today we’re going to look at using sqlmap when the target website uses base64-encoded parameters. For example, we have something like:
http://<target>/products/article.php?art_id=<base64_encoded_value>
In this case we have to “convince” sqlmap to use base64 for all payloads when scanning. Well, I guess it’s a good thing that sqlmap has the following option which allows… Read Article →

In this post we’ll have a look at the nodejs XSS attack/exploit in XVNA (eXtreme Vulnerable Node Application). Cross-site scripting is part of the OWASP Top 10 list that was published in 2017. We’ll use the setup detailed here (XVNA runs on port 80). As a web proxy, Burp or ZAP are highly recommended, but you can use anything else that allows you… Read Article →

Here is a detailed step-by-step tutorial on how to get everything ready if you want to test XVNA (Extreme Vulnerable Node Application). Base OS: Ubuntu 16.04. First, we need to install mongodb, nodejs and git:
apt-get install mongodb
apt-get install nodejs
apt-get install git
We then clone the XVNA repository:
git clone https://github.com/vegabird/xvna.git
Once… Read Article →

In this post we’ll have a closer look at .NET serialization/deserialization attacks. We’ll use vulnerable .NET (C#) code as an example (inspired by James’s work) and walk through it to see where the issue lies. using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Diagnostics; using System.Xml; using System.Xml.Serialization; using… Read Article →

A JavaScript Monero miner was added to the “BrowseAloud Plus v2.5.0 (13-09-2017)” library. The code will load the coinhive.min.js library and will start mining coins for the account with the key: 1GdQGpY1pivrGlVHSp5P2IIr9cyTzzXq.
