Apache and Java Information Disclosures Lead to Shells

Overview During a recent Red-Team engagement, we discovered a series of information disclosures on a site allowing our team to go from zero access to full compromise in a matter of hours. Information disclosures in Apache HTTP servers with mod_status enabled allowed our team to discover.jar files, hosted…

Gaining Code Execution with Injection on Java args

Recently on a pentest, we encountered a web application that allowed us to control command line args sent to the 'java' binary on the underlying server. We didn't see any resources published on how to gain arbitrary command execution with just control of the arguments to java, so this blog…

A Valiant Effort at a Stealthy Backdoor

We will be discussing a technique that isn't utilized too often anymore and has been around for many years, however appears to be forgotten... In the past few months most attempts I have observed at using userland binaries to keep relatively persistent and simple access [*not involving rootkits] on Linux…

Biscom Secure File Transfer Arbitrary File Download

Biscom Secure File Transfer is an application that gives the ability for companies to share files among users and focuses on being easy to use for the everyday user. It allows for users to send files without having to use FTP, email, or any possibly insecure method and has been…