Skip to content

Instantly share code, notes, and snippets.

View z0rs's full-sized avatar

z0rs

14 followers · 0 following
View GitHub Profile
@z0rs
z0rs / Soc.md
Last active October 6, 2024 13:16

Incident Summary

This report outlines the compromise of a WordPress server exploited through a vulnerable plugin by a threat actor. The attack, simulated in HackTheBox's Sherlock: Ultimatum challenge, targeted a known vulnerability in the Ultimate Member plugin, enabling the attacker to create a backdoor admin account and gain full control over the server. This detailed report examines the attack timeline, indicators of compromise (IoCs), and post-exploitation activities.

1. Objective

The objective of this investigation was to analyze the compromise of a WordPress server suspected of being attacked via a vulnerable plugin. The aim was to identify the exploit, document the attacker's methods, and gather actionable intelligence for remediation.

@z0rs
z0rs / Penetration Test Report of Findings.md
Last active June 10, 2025 21:20
@z0rs
z0rs / CloudSek CTF Challenge.md
Last active August 26, 2023 18:15

Serialization Saga CTF Challenge

  • Challenge: Serialization Saga
  • Points: 100
  • Category: Insecure Deserialization

Challenge Description

This challenge is a CTF designed to test the ability to identify and exploit insecure deserialization vulnerabilities. Participants are required to perform certain functions by exploiting these vulnerabilities and obtaining flags as a result.

Steps

@z0rs
z0rs / CVE-2021-43062.md
Created August 7, 2023 14:04

Vulnerability Assessment Report - CVE-2021-43062

Executive Summary:

I am happy to share vulnerability findings on Fortinet FortiMail, focusing on versions v7.0.1, v7.0.0, v6.4.5 & below, v6.3.7 & below, and v6.0.11 & below. During this assessment, I was able to identify an unpatched XSS (Cross-Site Scripting) vulnerability, tagged as CVE-2021-43062. The vulnerability allowed arbitrary code execution via a specially crafted HTTP GET request to the FortiGuard URI protection service.

Product Fortinet FortiMail
Vendor Fortinet
Severity Medium
Affected Versions v7.0.1, v7.0.0, v6.4.5 & below, v6.3.7 & below, v6.0.11 & below
@z0rs
z0rs / CVE-2023-22731.md
Last active January 24, 2024 03:44
title date
Server Side Template Injection via Twig Security Extension
2023-04-15

Overview:

Shopware is an e-commerce platform that is open source and built on the Symfony Framework and Vue.js. The default storefront of Shopware 6, called Shopware 6 Storefront, is based on Twig and Bootstrap. Users can customize the appearance of their storefront by using extensions (previously known as plugins) to override the default Twig template files. These custom themes can be enabled using the included Shopware 6 Administration panel.

Summary:

Please note that this is a bypass of CVE-2023-22731, which is being tracked as issue NEXT-24667 by Shopware.

@z0rs
z0rs / rfc4380.txt
Created May 8, 2023 13:55
Network Working Group C. Huitema
Request for Comments: 4380 Microsoft
Category: Standards Track February 2006
Teredo: Tunneling IPv6 over UDP
through Network Address Translations (NATs)
Status of This Memo
@z0rs
z0rs / CRTP.md
Created March 7, 2023 14:52
@z0rs
z0rs / Cobalt-Strike.md
Created March 7, 2023 14:49
@z0rs
z0rs / Red-Teaming-AD.md
Created March 7, 2023 14:29
@z0rs
z0rs / Red-Teaming-tool.md
Last active September 5, 2025 20:11