Cybersecurity

SPIP RCE + Docker SUID Escape | THM Publisher

26 sec read2 views0 listens

A detailed walkthrough demonstrated exploiting a SPIP CMS vulnerability (CVE-2023-27372) for remote code execution, followed by privilege escalation to root via a Docker SUID escape. This showcases advanced penetration testing techniques, including identifying vulnerable software, using exploits, and leveraging SUID binaries for privilege elevation. Cybersecurity professionals can use this as a guide for understanding and defending against complex attack chains.

Read the full article at InfoSec Write-ups - Medium

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

Recent malware campaigns are exploiting Steam community profiles for command-and-control operations and utilizing deceptive interfaces to steal sensitive AI tokens from developers. Security professionals now have access to specialized analysis tools ...

Ali Nemati

Cybersecurity4 hours ago30 sec read

Update: The Ending of My $500 Loss and Web Cache Poisoning Story.

A web cache poisoning vulnerability previously discovered was updated, revealing the account involved was deactivated and the disputed $500 charge was refunded, likely due to a bank dispute. While the vulnerability turned out to be a duplicate, the e...

Ali Nemati

Cybersecurity4 hours ago26 sec read

Splunk Exploring SPL: A Practical SOC Analyst Walkthrough for Search, Detection, and Threat Hunting

This guide provides a practical walkthrough of Splunk's Search Processing Language (SPL) from a Security Operations Center (SOC) analyst's perspective, covering searching, filtering, structuring, transforming, and anomaly detection. Developers and se...

Ali Nemati

Cybersecurity4 hours ago28 sec read

An Introduction to Module Stomping

Module stomping is introduced as a technique for Windows process injection that overwrites the .text section of a loaded, signed DLL to evade detection. This method involves identifying a target module, writing a payload to its memory space, and exec...

Ali Nemati

Cybersecurity4 hours ago28 sec read

Security Affairs newsletter Round 580 by Pierluigi Paganini - INTERNATIONAL EDITION

Cybersecurity agencies have added critical flaws in SolarWinds and the Linux kernel to the list of known exploited vulnerabilities requiring immediate remediation. Tech professionals must address a nineteen-year-old root bug in Linux and new zero-day...

Ali Nemati

SPIP RCE + Docker SUID Escape | THM Publisher

Related Articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

Update: The Ending of My $500 Loss and Web Cache Poisoning Story.

Splunk Exploring SPL: A Practical SOC Analyst Walkthrough for Search, Detection, and Threat Hunting

An Introduction to Module Stomping

Security Affairs newsletter Round 580 by Pierluigi Paganini - INTERNATIONAL EDITION