People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
This is a basic command injection, as can be seen from the `reboot` query that was sent.
Why is compromising these publicly facing routers so easy? It just feels like a terrible thing that people can go on Shodan, look for vulnerable routers and use a known exploit to take them over...
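To make the "basic command injection" concrete from the defender's side, here is an added example (not code from the article above or from any router vendor) that puts the vulnerable shape beside two hardened ones. The `ping` handler, the `HOST_RE` allow-list and the sample request values are constructed for illustration.

```python
import re
import shlex
import subprocess

# Allow-list for a hostname/IP request parameter: letters, digits, dots and
# hyphens only.  Spaces, ';', '|', '&', '$', backticks and newlines are all
# rejected before the value can reach a shell.  Constructed for this example.
HOST_RE = re.compile(r"[A-Za-z0-9.-]{1,253}")


def build_unsafe_command(host: str) -> str:
    """The vulnerable pattern: request input is pasted into a shell string.

    Firmware that does the equivalent of system("ping -c 1 " + host) lets a
    shell metacharacter in `host` end the ping and start a second command.
    Kept here only to show the shape of the bug; never run this form.
    """
    return "ping -c 1 " + host


def build_safe_argv(host: str) -> list:
    """Hardened pattern: validate, then pass the value as one argv element.

    No shell is involved, so metacharacters carry no meaning even if the
    allow-list were ever loosened.
    """
    if not HOST_RE.fullmatch(host):
        raise ValueError("rejected host parameter: %r" % host)
    return ["ping", "-c", "1", host]


def quote_for_shell(host: str) -> str:
    """If a shell string is unavoidable (legacy code), quote the parameter so
    the shell treats it as one literal word.  Validation still applies."""
    if not HOST_RE.fullmatch(host):
        raise ValueError("rejected host parameter: %r" % host)
    return "ping -c 1 " + shlex.quote(host)


def looks_like_injection(host: str) -> bool:
    """Detection helper for request logs: flags a parameter that fails the
    allow-list and contains a shell metacharacter, which is worth alerting on."""
    return (not HOST_RE.fullmatch(host)) and any(c in host for c in ";|&$`\n")


def run_ping(host: str) -> int:
    """Execute the hardened form; returns the process exit status."""
    completed = subprocess.run(build_safe_argv(host), capture_output=True, timeout=10)
    return completed.returncode


if __name__ == "__main__":
    # Constructed request parameters; the second is the shape described above.
    for value in ["router.example.com", "192.0.2.1; reboot"]:
        print(repr(value), "->", "flagged" if looks_like_injection(value) else "ok")
```

The argv form is the one to reach for: the allow-list stops bad input early and gives you something to log, but it is the absence of a shell that removes the bug class.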
This is a Java deserialization issue, at its core. Deserialization is really hard! If something you control is being serialized or deserialized, it is likely a good path to go down.
This is the same bug that initially got the hackers into Equifax... Update your stuff people!
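The mitigation the Java world settled on is filtering which classes an `ObjectInputStream` may resolve. As an added example (not from the article above, and written in Python rather than Java), the same allow-list idea applied to `pickle`, whose unpickler resolves classes by name exactly as Java's does. `PasswordResetRequest`, `ALLOWED_GLOBALS` and the sample payloads are constructed for this example; the JSON pair at the end is the simpler option when you control both ends.

```python
import datetime
import io
import json
import pickle
from dataclasses import asdict, dataclass


@dataclass
class PasswordResetRequest:
    """A type the application legitimately expects to receive (constructed)."""
    user_id: int
    token: str


# Only these (module, name) pairs may be resolved while unpickling.  Every other
# global is refused before any object is constructed.  Built from the class
# itself so the entry is right whatever module this file is imported as.
ALLOWED_GLOBALS = {
    (PasswordResetRequest.__module__, PasswordResetRequest.__name__),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-listing unpickler: the Python counterpart of a Java
    ObjectInputFilter that rejects every class not explicitly permitted."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            "refusing to resolve %s.%s: not on the deserialization allow list" % (module, name)
        )


def serialize(req: PasswordResetRequest) -> bytes:
    """What a trusting client would send; protocol 2+ records the class by name."""
    return pickle.dumps(req, protocol=pickle.HIGHEST_PROTOCOL)


def restricted_loads(data: bytes):
    """Deserialize untrusted bytes through the allow list; raises on anything else."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_accepted(data: bytes) -> bool:
    """True if the payload only references permitted classes."""
    try:
        restricted_loads(data)
        return True
    except pickle.UnpicklingError:
        return False


def sample_unexpected_pickle() -> bytes:
    """A benign payload referencing a class outside the allow list
    (datetime.date); stands in for anything the application did not expect."""
    return pickle.dumps(datetime.date(2017, 9, 7))


# The better answer for untrusted input: a data-only format plus a schema check,
# so no class name from the wire is ever looked up at all.
def to_json(req: PasswordResetRequest) -> str:
    return json.dumps(asdict(req))


def from_json(text: str) -> PasswordResetRequest:
    raw = json.loads(text)
    if (not isinstance(raw, dict) or set(raw) != {"user_id", "token"}
            or not isinstance(raw["user_id"], int) or not isinstance(raw["token"], str)):
        raise ValueError("reset request does not match the expected schema")
    return PasswordResetRequest(raw["user_id"], raw["token"])
```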
Man, these people sure worked hard for this exploit! An RCE bug and a sandbox escape to get onto the Google Pixel...
There were three features being used together that triggered an odd OOB race condition.
The sandbox escape is from a use-after-unmap? Whatever that means! Likely, a use-after-free of some kind.
Eventually, after the sandbox escape, a ROP (return-oriented programming) technique is used. In the wild, creating a REAL chain of gadgets can be difficult, but is possible!
The first vulnerability is a blind SQL injection within the password reset functionality. When an array of passwords is sent instead of a single password, the input is not sanitized correctly.
Additionally, a custom SQL parser can have REALLY bad endings. By abusing the fuzzy search feature, any password can be reset!
RIPsTech has lots of amazing articles; just an FYI.
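The two things that went wrong in that password reset, a parameter arriving as an array rather than a string and a fuzzy (`LIKE`-style) match where an exact one belonged, are cheap to defend against. Here is an added example (not code from the RIPS Tech write-up or from the application it analysed) showing the vulnerable query shape beside a hardened lookup; the `users` table, token format and `TOKEN_RE` are constructed for illustration.

```python
import re
import sqlite3

# Expected shape of a reset token: URL-safe characters, bounded length.
# Constructed for this example.
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]{16,128}")


def make_db() -> sqlite3.Connection:
    """In-memory table with two constructed users and their reset tokens."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, reset_token TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        (1, "alice@example.com", "tok-alice-0123456789abcdef"),
        (2, "bob@example.com", "tok-bob-0123456789abcdef"),
    ])
    return conn


def build_unsafe_query(token) -> str:
    """Vulnerable shape: whatever the request parser produced is stringified
    into the SQL text, and the match is fuzzy.  If the framework turns
    password[]=... into a list, str(list) drags its own quotes and brackets
    into the statement, and LIKE lets wildcards stand in for the secret."""
    return "SELECT id FROM users WHERE reset_token LIKE '%s'" % (token,)


def validate_token(value) -> str:
    """Reject anything that is not a plain string of the expected shape.
    The type check is the fix for the array-instead-of-string case."""
    if not isinstance(value, str):
        raise TypeError("reset token must be a string, got %s" % type(value).__name__)
    if not TOKEN_RE.fullmatch(value):
        raise ValueError("reset token has unexpected characters or length")
    return value


def user_for_token(conn: sqlite3.Connection, value):
    """Hardened lookup: validated value, bound parameter, exact comparison."""
    token = validate_token(value)
    row = conn.execute("SELECT id FROM users WHERE reset_token = ?", (token,)).fetchone()
    return row[0] if row else None


def lookup_bound_only(conn: sqlite3.Connection, value: str):
    """Binding alone, without the allow-list, still treats the value as data:
    a '%' compared with '=' is just a character, not a wildcard."""
    row = conn.execute("SELECT id FROM users WHERE reset_token = ?", (value,)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print(build_unsafe_query(["tok-alice-0123456789abcdef"]))
    print(user_for_token(db, "tok-alice-0123456789abcdef"))
```

Note that `sqlite3` itself refuses to bind a list as a parameter, so even the type check is belt-and-braces here; the point is that a reset token is a secret compared for equality, never a search pattern.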
Remote Code Execution on the Smiths Medical Medfusion 4000- 4
Essentially, computers got too fast and were sacrificing security for more speed. Predicting values ahead of time leaves traces in the cache, a side channel that can leak information (such as private keys).
This does not really affect your personal computer though. Code has to be running on the same machine in order to exploit this.
So, this affects cloud providers, such as AWS.
At this point, no in-the-wild exploitation has been found.