Pilgrimage HTB write up
Dec. 5, 2023, 1:12 p.m. | Pr3ach3r
System Weakness - Medium systemweakness.com
Don’t leave your Git repository exposed
Introduction
Hello, everyone! Welcome back to my infosec journey. Today, I’ll be discussing Pilgrimage, an “easy” machine on the hackthebox.com website. To pwn this box, one can dump an exposed git repository and find the version of an ImageMagick program. By exploring CVE-2022-44268, also known as ImageMagick Arbitrary File Read, we can uncover the user credentials. Once we have SSH access, we find a Binwalk task running on the system. Verifying the …