Another way to exploit 'sudo logrotate'.

Just a quick post, I was reading this excellent blogpost showing a way to exploit sudo access to logrotate, and had a quick notion in my head that clobbering /etc/ld.so.preload

CVE-2023-39982 - Moxa MXSecurity Hardcoded SSH Hostkeys.

Yesterday, Moxa published an advisory regarding multiple vulnerabilities in their MXSecurity product. Among the issues fixed in the updates the advisory talks about, is a vulnerability I discovered - CVE-2023-39982. First, before I

Cisco SPA112 Forever-Day: CVE-2023-20126.

Note: this is the "main" blogpost for the talk I am giving at BSides Basingstoke 2023. It spawned a dozen or so other blog posts, some of which have yet to

Cross Compiling tcpdump for Cisco SPA112/122/232D.

This is one "blog post" in a series of blog posts about developing an exploit, and post-exploitation toolkit, for a number of Cisco devices. These are notes written while solving the