About:

Eugene Lim is a top-ranked security researcher and white hat hacker focused on improving application security.

Interests: InfoSec, White Hat Hacking, Application Security, DevSecOps
The author reveals critical vulnerabilities in the TP-Link Tapo C260 camera, detailing the reverse-engineering process that led to local file disclosure and remote code execution exploits.
The post explores the reverse engineering of the TP-Link Tapo C260 camera and its Discovery Protocol v2, detailing the challenges and findings during the process.
The blog post details a hardware hacking journey with the Nokia Beacon 1 router, covering techniques such as hardware teardown, firmware extraction, and vulnerability analysis. The author describes the process of accessing the rou...
The blog post discusses vulnerabilities in Google's Privacy Sandbox APIs, particularly focusing on the Attribution Reporting API and Shared Storage API. It highlights how these APIs, designed to enhance privacy in advertising, can...
The blog post details the author's experience in hardware hacking an Optical Network Terminal (ONT), specifically the Link-All LAU-G150-C model. The author describes the process of accessing the device, including overcoming challe...
The post examines how LLMs can uncover vulnerabilities in open-source projects, stressing the need for updated security disclosure practices and introducing a GitHub Action for monitoring these vulnerabilities.
Public Google Groups pose significant security risks, and organizations should implement stricter controls to prevent Ticket Trick attacks and unauthorized access.
The text discusses the concept of frictionware in cybersecurity, which refers to security tooling that creates significant friction in adoption and usage, requiring significant manual effort simply to maintain coverage. It highlig...
The text discusses the concept of cybersecurity (anti)patterns, focusing on the issue of busywork generators in security programs. It provides a case study and offers solutions to avoid creating busywork generators in cybersecurit...
The blog post discusses the author's experience hacking smart weighing machines by reverse-engineering and finding vulnerabilities in user-machine association flows. The author discovered that many smart weighing machines are conn...
The text discusses the vulnerability of browser extensions and how they can be exploited to achieve universal code execution, breaking Same Origin Policy and the browser sandbox. It provides examples of two new vulnerability discl...
The text discusses a zero-interaction local privilege escalation in Zscaler Client Connector, achieved by chaining a series of bugs. The authors share their methodology used, from vulnerability discovery to developing proof-of-con...
The text discusses the discovery of cross-site scripting vulnerabilities in Excalidraw and Microsoft Whiteboard, highlighting the potential blind spots in appsec strategy. It explains the false positive found in Excalidraw and the...
The text discusses the vulnerability CVE-2023-5449 in HP display monitors, which allows unauthorized access to monitor settings. It explains how the MCCS protocol is used to control monitor settings and how HP's proprietary VCP co...
The text discusses the author's experience in taking the Offensive Security Exploitation Expert (OSEE) certification, particularly focusing on the Advanced Windows Exploitation (AWE) course. The author describes the rigorous natur...
The text discusses the differences between writing rules for Semgrep and CodeQL, two static code analysis tools. It explains the syntax and data structures of both tools, the complexity of writing rules for each, and the advantage...
The text discusses the author's analysis of ClipboardEvent listeners for stored XSS, focusing on a vulnerability in Zoom's code that allowed for an XSS attack. The author delves into the code, identifying the attack vector and the...
The author discusses creating a CTF challenge for The InfoSecurity Challenge 2022, focusing on educational, realistic, transparent, and challenging design principles. They detail an almost-vulnerability in Radicale, a popular CalD...
The text discusses the exploitation of improper validation of Amazon Simple Notification Service SigningCertUrl, which allowed attackers to forge messages to all SNS HTTP subscribers. It explains the process of signature validatio...
The iCalendar standard was created in 1998 to address the need for a single, interoperable format for enterprise calendar software. Despite its simplicity, iCalendar has been extended to include advanced functionality, leading to ...
The text discusses the discovery of vulnerabilities in Microsoft InfoPath's template format, enabling the loading of remote payloads and bypassing warning dialogs. It explains the security model of InfoPath and details various byp...
The text discusses two interesting postMessage DOM XSS vulnerabilities encountered in bug bounty programs. The first puzzle involved a postMessage handler that allowed for arbitrary JavaScript execution, while the second puzzle in...
The author reflects on the year 2021, discussing the impact of the COVID-19 pandemic on their reading of the book 1Q84, their learning goals, and their professional achievements in artificial intelligence, vulnerability research, ...
The InfoSecurity Challenge (TISC) was an individual competition consisting of 10 levels that tested participants’ cybersecurity and programming skills. The prize pool was $30,000 in cash. The challenges included web, mobile, stega...