In this Exploit Chronicles post, we will examine a blind SQL injection vulnerability that opens the way to a command injection attack. However, before we…
Category: Exploit Chronicles
Exploit Chronicles: Json.NET Auto TypeNameHandling Deserialization Exploit
Posted in Exploit Chronicles
In this exploit chronicle post, we will cover a .NET deserialization attack vector that, from what I could see, is not as documented as others.…
Welcome to this new series of posts that I called Exploit Chronicles. I will be showcasing interesting exploits that I either thought about or have…