Tech Editorials #CVE #Vulnerability #RCE #Advisory #Apache

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

Orange Tsai

2024-08-09

This article explores architectural issues within the Apache HTTP Server, highlighting several technical debts within Httpd, including 3 types of Confusion Attacks, 9 new vulnerabilities, 20 exploitation techniques, and over 30 case studies. The content includes, but is not limited to: 1. How a single ? can bypass Httpd's built-in access control and authentication. 2. How unsafe RewriteRules can escape the Web Root and access the entire filesystem. 3. How to leverage a piece of code from 1996 to transform an XSS into RCE.

News #Announcement #Research #Windows #MSRC #Achievements

MSRC 2024 Most Valuable Security Researchers - Angelboy

2024-08-08

Congratulations to DEVCORE Senior Security Researcher Angelboy for being honored as one of Microsoft's MSRC 2024 Most Valuable Security Researchers! In addition to being ranked #33 in the overall TOP 100 list, Angelboy achieved a #9 ranking in the Windows category, reflecting his years of dedicated research in this field.

Tech Editorials #CVE #RCE #PHP

Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability

2024-06-06

While implementing PHP, the team did not notice the Best-Fit feature of encoding conversion within the Windows operating system. This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. Arbitrary code can be executed on remote PHP servers through the argument injection attack.

Tech Editorials #CVE #Pwn2Own #IoT

Pwn2Own Toronto 2022 : A 9-year-old bug in MikroTik RouterOS

Terrynini

2024-05-24

DEVCORE research team found a 9-year-old WAN bug on RouterOS, the product of MikroTik. Combined with another bug of the Canon printer, DEVCORE becomes the first team ever to successfully complete an attack chain in the brand new SOHO Smashup category of Pwn2Own. And DEVCORE also won the title of Master of Pwn in Pwn2Own Toronto 2022.

Tech Editorials #CVE #Pwn2Own #IoT

Your printer is not your printer ! - Hacking Printers at Pwn2Own Part II

Angelboy

2023-11-06

We identified Pre-auth RCE vulnerabilities in Canon printers (CVE-2023-0853, CVE-2023-0854) and also discovered Pre-auth RCE flaws in HP printers, which led to our achievement of the Master of Pwn title at Pwn2Own Toronto 2022. This article will detail the vulnerabilities and exploitation methods for both Canon and HP printers.

Tech Editorials #CVE #Pwn2Own #IoT

Your printer is not your printer ! - Hacking Printers at Pwn2Own Part I

Angelboy

2023-10-05

In 2021, we found Pre-auth RCE vulnerabilities(CVE-2022-24673 and CVE-2022-3942) in Canon and HP printers, and vulnerability(CVE-2021-44734) in Lexmark. We used these vulnerabilities to exploit Canon ImageCLASS MF644Cdw, HP Color LaserJet Pro MFP M283fdw and Lexmark MC3224i in Pwn2Own Austin 2021. Following we will describe the details of the Canon and HP vulnerabilities and exploitation.