I was asked if I could look at a WordPress website which wasn’t displaying correctly. It was showing an index of files in the document root directory, rather than showing the home page. This suggested that the index.html (UNIX), index.htm (Windows), or in the case of WordPress, index.php file was missing. Read on and I’ll talk you through how I recovered the site.Continue Reading
When I heard about the Citrix NetScaler vulnerability (CVE-2019-19781) I wanted to capture some exploits to see what they were doing. It turns out Citrix provide a downloadable version of Citrix Gateway (which was also vulnerable), but using it to capture exploits turned out to be trickier than I’d originally anticipated.Continue Reading
You’d think that with fifteen years experience working in I.T., and the experience working with computers before that, that I would have learned to save my work often! I figured that I’d be ok, as the WordPress web interface keeps telling me that it has saved a draft copy. That was fine until I somehow wiped out a whole load of content only to then have the WordPress web interface save the remaining text as the draft. Continue Reading
Ever wanted to try reverse engineering something a tad different? Granted, you’re probably not likely to run across anything like this in the wild, but this challenge will hopefully cause some musing to stimulate the brain cells.
Basically, your challenge is to figure out what the challenge file does (without running it). It is not malicious. It is something that I created some years ago now just to see if it was possible, even though it is of little practical use — I do that sometimes… Continue Reading