CVE Analysis: Hacking a Crypto Network for Profit
By Zeyad Azima IntroductionWelcome, everyone. In this blog post, I will share the story of how, in June 2023, I successfully dumped the database of a crypto network, ultimately leading to the ability to achieve remote code execution. This was accomplished during my research and analysis of a CVE affecting one of Apache’s products. About the CVECVE-2022-227..
Read more
Pentest: From Customer to Full Application Takeover
By Zeyad Azima IntroductionWelcome everyone! In addition to my regular work, I take on some pentesting projects as a freelancer for various clients. Today, I’m excited to share a particularly interesting bug that started as a seemingly straightforward XSS vulnerability but ultimately led to a full application takeover. Application OverviewThe application ..
Read more