Blogs von Timo Müller

26 Aug. 2022 | 17 min Lesezeit

Exploiting Laravel based applications with leaked APP_KEYs and Queues

So you got access to a Laravel .env file, now what?

Penetration test PHP Laravel CMS CVE-2018-15133

13 Sept. 2021 | 13 min Lesezeit

Vulnerability digging with CodeQL

Using CodeQL based variant analysis to find vulnerabilties

Java RMI JMX CodeQL

30 Okt. 2019 | 7 min Lesezeit

(Ab)using Linux SNMP for RCE

How to use a SNMP write community to gain (remote) code execution as root on Linux systems

SNMP Linux penetration-test pentest privilege-escalation

2 Juli 2018 | 7 min Lesezeit

Static JWT signing Key in dotCMS

Please let me sign that for you

Vulnerability research dotCMS Java