All posts by author: Hans-Martin Münch

Exploiting insecure RCCMD installations

June 2020 | 8 minutes read

Owning systems through remote control software


An Trinhs RMI Registry Bypass

February 2020 | 14 minutes read

A closer look at the RMI Registry whitelist bypass gadget from An Trinhs Blackhat Europe 2019 presentation


(Ab)using Linux SNMP for RCE

October 2019 | 7 minutes read

How to use a SNMP write community to gain (remote) code execution as root on Linux systems


Attacking RMI based JMX services

April 2019 | 16 minutes read

An attack primer on how to hack into RMI based JMX services


Attacking Java RMI services after JEP 290

March 2019 | 24 minutes read

An attack primer on how to attack Java RMI services using Java deserialization


Repacking iOS applications

March 2019 | 5 minutes read

A quick and easy guide for binary patching and repacking iOS apps during security audits



October 2018 | 3 minutes read

Merge jar files to simplify remote debugging of closed source java applications


Vulnerability spotlight: CVE-2016-5072

July 2018 | 10 minutes read

Analysis of a vulnerability in the open source shop system OXID


CANAPE workshop slides

June 2018 | 1 minutes read

Slides and examples from our CANAPE workshop at BSides Munich 2018.