Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive the traffic from the vulnerable server.

This is actually nuts. I watched a video breakdown of this blog post and my jaw was on the floor. Super interesting stuff.

@Threen@aussie.zone
45M

Absolutely, it’s a great read. Could you link the video you watched?

@Threen@aussie.zone
45M

Thank you so much, I’ll check it out!

@dotslashme@infosec.pub
25M

Really good writeup of a very interesting exploit.
