all InfoSec news
CVE-2022-38627: A journey through SQLite Injection to compromise the whole enterprise building
Jan. 2, 2023, 9:38 a.m. | Omar Hashem
InfoSec Write-ups - Medium infosecwriteups.com
Introduction:
In this research, I will show you how I managed to find this critical 0-day that allows me to control the entire enterprise building (doors, cameras, elevators, etc… ) in addition to that, I can collect employee data and add new employees who have permission to access the enterprise building, all of this is besides to the natural impact of a critical SQL injection vulnerability
Actually, in this research, you will see the implementation of hacking movies scenes but …
bug bounty compromise cve cybersecurity enterprise injection security sqlite static analysis zero-day
More from infosecwriteups.com / InfoSec Write-ups - Medium
Honeypots 101: A Beginner’s Guide to Honeypots
4 days, 13 hours ago |
infosecwriteups.com
Devvortex Hackthebox Walkthrough
5 days, 14 hours ago |
infosecwriteups.com
Port Scanning for Bug Bounties
5 days, 14 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
DevSecOps Engineer
@ Material Bank | Remote
Instrumentation & Control Engineer - Cyber Security
@ ASSYSTEM | Bridgwater, United Kingdom
Security Consultant
@ Tenable | MD - Columbia - Headquarters
Management Consultant - Cybersecurity - Internship
@ Wavestone | Hong Kong, Hong Kong
TRANSCOM IGC - Cybersecurity Engineer
@ IT Partners, Inc | St. Louis, Missouri, United States
Manager, Security Operations Engineering (EMEA)
@ GitLab | Remote, EMEA