Skip to main content

Pentest Chronicles

If you’re interested in the world of cybersecurity, the related technical issues, and what’s challenging right now, you’re in the right place! This part talks about IT security more broadly and has the latest information, tips, and advice.
Illustration of Pentest Chronicles

Latest insight

Illustration of CVE-2025-8890 Authenticated RCE in SDMC NE6037 router

CVE-2025-8890 Authenticated RCE in SDMC NE6037 router

Grzegorz Bronka

When testing connectivity of the SDMC NE6037 router inputting a quote character into the "ping" utility revealed an error indicating a Remote Code Execution (RCE) vulnerability. It is quite common to find RCE vulnerabilities in routers’ connectivity tools (such as ping or traceroute). The user-supplied parameters are passed without sanitization as a parameter to a shell command. This was confirmed to be the root cause in this instance.

READ article

Other articles

Illustration of Symfony Profiler in Production – An Entry Point for Sensitive Data Leaks and Remote Code Execution

Symfony Profiler in Production – An Entry Point for Sensitive Data Leaks and Remote Code Execution

Jakub Żoczek

During a security audit, a web application using an outdated version of the Symfony framework was identified. The analysis revealed the presence of the Symfony Profiler tool, which is commonly used for debugging applications during development. The Profiler provides detailed information about the application's operation, which is useful for developers. However, in a production environment, its availability can lead to the disclosure of sensitive information and, in some cases, remote code execution on the server.

READ article
Illustration of Session Fixation: A „Hidden Threat” to Web Application Security

Session Fixation: A „Hidden Threat” to Web Application Security

Marcin Zięba

Session fixation is a security vulnerability that occurs when an attacker forces a legitimate user to utilize a predetermined session identifier (session ID). This allows the attacker to hijack the session and impersonate the victim once they authenticate with the web application. The vulnerability arises when an application fails to properly regenerate a new session ID upon user authentication, thereby continuing to use the preexisting session ID provided by the attacker. Common attack vectors include injecting the session ID through URL parameters, cookies, or hidden form fields.

READ article
Illustration of Exploiting the Password Reset Vulnerability: A Real-World Case Study.

Exploiting the Password Reset Vulnerability: A Real-World Case Study.

Securitum

Modern web applications need to prioritize user security. However, even well-designed systems can have hidden flaws that make them vulnerable to attacks. During a recent security test, a serious issue was found in the password reset feature of an application. This vulnerability made it possible for attackers to gain access to any user account, including the super administrators. Here's what went wrong and why it's such a big problem.

READ article
Illustration of Exploring Vulnerabilities in Mobile Applications: Key Exchange Protocol Hacking - Man-in-the-Middle and Brute-force in Action. Part 2 of 2.

Exploring Vulnerabilities in Mobile Applications: Key Exchange Protocol Hacking - Man-in-the-Middle and Brute-force in Action. Part 2 of 2.

Dariusz Tytko

In first part of this article, I described how do we analyze protocols during mobile applications testing. During this analysis, I noticed that the Diffie–Hellman protocol is used to exchange encryption keys. The protocol implementation was audited, and I discovered that it is prone to two attacks: Man-in-the-Middle and brute-force. Each of these attacks compromise the security of the protocol, allowing attackers to view and modify the data sent between the mobile applications and the servers.

READ article
Illustration of Exploring Vulnerabilities in Mobile Applications: Key Exchange Protocol Analysis and Toolkit Setup. Part 1 of 2.

Exploring Vulnerabilities in Mobile Applications: Key Exchange Protocol Analysis and Toolkit Setup. Part 1 of 2.

Dariusz Tytko

During one of latest pentests I tested mobile application. To perform analysis of the communication protocol and prepare a toolkit for testing network communication, the Android version of the application was used. Protocol analysis The protocol is implemented using C++ language, the implementation is included in the native library lib/arm64-v8a/lib[…].so. Wireshark, Frida (the instrumentation toolkit) and Ghidra (a software reverse engineering framework) were used to analyze the protocol.

READ article
Illustration of Memory Heist: The Secrets and Risks of Cold Boot Attacks

Memory Heist: The Secrets and Risks of Cold Boot Attacks

Mateusz Lewczak

A Cold Boot Attack is a technique designed to capture data directly from a computer's RAM, where critical and sensitive information is often stored. What kind of data? It could be almost anything: passwords, encryption keys, user login data, or even active sessions, which could provide attackers with extensive access to the system. In short, the attacker is after any information held in RAM during computer operation, and the Cold Boot Attack allows them to retrieve it.

READ article
A professional cybersecurity consultant ready to assist with your inquiry.

Any questions?

Happy to get a call or email
and help!

Contact Us