Alle Posts von Author: Hans-Martin Münch

Exploiting insecure RCCMD installations

Juni 2020 | Lesezeit: 8 Minuten

Owning systems through remote control software


An Trinhs RMI Registry Bypass

Februar 2020 | Lesezeit: 14 Minuten

A closer look at the RMI Registry whitelist bypass gadget from An Trinhs Blackhat Europe 2019 presentation


(Ab)using Linux SNMP for RCE

Oktober 2019 | Lesezeit: 7 Minuten

How to use a SNMP write community to gain (remote) code execution as root on Linux systems


Attacking RMI based JMX services

April 2019 | Lesezeit: 16 Minuten

An attack primer on how to hack into RMI based JMX services


Attacking Java RMI services after JEP 290

März 2019 | Lesezeit: 24 Minuten

An attack primer on how to attack Java RMI services using Java deserialization


Repacking iOS applications

März 2019 | Lesezeit: 5 Minuten

A quick and easy guide for binary patching and repacking iOS apps during security audits



Oktober 2018 | Lesezeit: 3 Minuten

Merge jar files to simplify remote debugging of closed source java applications


Vulnerability spotlight: CVE-2016-5072

Juli 2018 | Lesezeit: 10 Minuten

Analysis of a vulnerability in the open source shop system OXID


CANAPE workshop slides

Juni 2018 | Lesezeit: 1 Minuten

Slides and examples from our CANAPE workshop at BSides Munich 2018.