About:

Silent Signal Techblog is a website associated with Silent Signal, a company or entity that shares technical insights and information. Its tagline is 'Because we can!' and it is present on Twitter as @SilentSignalHU.

Outgoing Links:

Schneier on Security
The blog post discusses IBM i library list (LIBL) based privilege escalation vulnerabilities, highlighting their potential to compromise system security. It introduces two automation tools: the Privilege Escalation Checker, which ...
The blog post discusses the exploitation of IBM i systems, particularly focusing on CVE-2023-30990, a vulnerability in the Distributed Data Management (DDM) server that allows unauthenticated remote command execution. The authors ...
The blog post details the discovery of CVE-2024-28080, an authentication bypass vulnerability in Gitblit, an open-source Java-based Git repository management tool. The vulnerability allows exploitation through the SSH service for ...
The text discusses the vulnerability of IBM i Access Client Solutions (ACS) when running on Windows 11 24H2. It points to the Local Security Authority subsystem of Windows and how it is incompatible with LSA Protection. The articl...
The post discusses the recruitment process for pentesters at Silent Signal Techblog, including the challenges and solutions of the Mushroom challenge. It also covers the process of hiring, the development of the Mushroom applicati...
The blog post discusses the challenges faced while using Burp Suite in an API testing scenario, where the body of a POST request contained a Base64-encoded XML. The post describes the development of a customizable extension to han...
The text discusses the challenges faced by pentesters in testing WCF-based applications and the efforts made to create more robust and maintainable tools for testing. It covers the test environment, WCF basics, prior work, design,...
The post discusses the technical details of the CVE-2023-30988 vulnerability in IBM Facsimile Support for i, which allowed for local privilege escalation. The vulnerabilities were discovered by the author and an advisory was publi...
The blog post contains technical details of the discovery and exploitation processes of the CVE-2023-30990 vulnerability in IBM i DDM service. It discusses the vulnerability, fuzzing, investigation, exploitation, severity assessme...
The text discusses post-exploitation techniques targeting IBM i systems, focusing on the use of database triggers to escalate privileges and catch perpetrators. It provides a technical example and reflects on the lack of informati...
The blog post discusses how the Adopted Authority mechanism on IBM i can be abused for privilege escalation if privileged scripts are not implemented with enough care. It explains the potential vulnerabilities and how they can be ...
The text discusses the development of a new scanner for Text4Shell, which is compared to the Log4Shell vulnerability. It explains the differences in exploitability and the development process of the new tool.
The text describes a penetration test on an IBM i (AS/400) server in a bank's infrastructure. The testers discovered a way to bypass menu-based restrictions and gain command line access, as well as exploit misconfigured user profi...
The text discusses the security vulnerabilities of IBM i (AS/400) systems, highlighting the lack of understanding and inaccurate information about their security architecture. It presents a case study of a penetration testing resu...
The text discusses the Log4Shell vulnerability, its impact on systems, and the release of a new open source tool to identify hidden vulnerable hosts. It explains the traditional behavior-based vulnerability scanning of HTTP interf...
The text discusses the use of KF/x, a snapshot fuzzer, to test the IPC layer in Firefox. The author, with no prior experience with Firefox, shares their experience in using KF/x to create a realistic demo for the fuzzer and put Mo...
The blog post discusses the process of adding XCOFF support to Ghidra using Kaitai Struct. The author explains the challenges faced and the decision to develop code from scratch using Kaitai Struct. The post also delves into the p...
The blog post discusses the abuse of JWT public keys without the public key. It explains how the RSA public key can be derived from message-signature pairs, and how this method can be used to exploit vulnerabilities in JSON Web Si...
The text discusses the security assessment of a service built on IBM Integration Bus, focusing on Java deserialization vulnerabilities. It explains the vulnerabilities discovered, the root cause of the issue, and the countermeasur...
The blog post discusses a method to decrypt and analyze HTTPS traffic without using man-in-the-middle (MITM) attacks. It explains the challenges of MITM attacks and introduces a new plugin developed to simplify the process. The po...
The text discusses the discovery of an uninitialized memory disclosure bug in a widely used imaging library, and the development of tools for detection. The author also shares the challenges faced in the process and the relevance ...
The author's paper on a Unix-style approach to web application testing has been published by SANS Institute. The paper introduces problems faced while testing web applications and presents a solution called Piper. The author aims ...