All posts with tag: pentest

Exploiting insecure RCCMD installations

June 2020 | 8 minutes read

Owning systems through remote control software


An Trinhs RMI Registry Bypass

February 2020 | 14 minutes read

A closer look at the RMI Registry whitelist bypass gadget from An Trinhs Blackhat Europe 2019 presentation


(Ab)using Linux SNMP for RCE

October 2019 | 7 minutes read

How to use a SNMP write community to gain (remote) code execution as root on Linux systems


Attacking RMI based JMX services

April 2019 | 16 minutes read

An attack primer on how to hack into RMI based JMX services


Attacking Java RMI services after JEP 290

March 2019 | 24 minutes read

An attack primer on how to attack Java RMI services using Java deserialization