July 3, 2016

[WordPress] Real 3D Flipbook Plugin Exploit

Wordpress 3d flipbook vulnerabilities. Delete any file or directory from the server (Unauthenticated). Upload images in Root directory (Unauthenticated). XSS vuln.

Read

February 6, 2016

Blinded by the Light

Few days ago, a friend asked me to solve two SQL Injection challenges on WeChall. At first, I thought this would be some regular SQL injection but I was wrong. Actually, these were quite good with some tricky rules making a great case scenario. So, I've decided to do a write-up and blow some dust off my blog.

Read