Router D-Link DVA-5592 – Authentication Bypass

Info Vendor: D-Link Italia Product: Router DVA-5592 Firmware: DVA-5592_A1_WI_20180823 CVE: 2018-17777 Shodan: ADB Broadband HTTP Server" title:“D-Link” Description In the router D-Link DVA-5592 it is possible to bypass the web authentication form. The problem is the path /ui/cbpc/login, because it is accessible without authentication. If the router’s owner has not changed the Parental Control PIN, it is possible to access to the Parental Control area, by using the default PIN code....

December 16, 2018 · 2 min · 230 words · Luigi Gubello

About Iran and IRA Twitter datasets (for fun) – Part I

On 17 October 2018 Twitter released two datasets about the propaganda accounts of the Internet Research Agency (IRA) and Iran. Each dataset has three parts: a CSV file with the user list, a CSV file with all* the tweets of said users and a dataset of the shared images and memes. For fun I tried to use pandas and matplotlib to read the data. To read the file ira_tweets_csv_hashed.csv (5,4 GB) I split it into 91 parts, with 100....

December 7, 2018 · 5 min · 1040 words · Luigi Gubello

Configurare un Pi-Hole portatile

Poco tempo fa ho scoperto un progetto open source chiamato Pi-Hole, piuttosto conosciuto e apprezzato. Il compito di Pi-Hole è quello di “ripulire” la nostra navigazione su Internet da pubblicità e siti malevoli (semplificando: funge da ad-block), creando un piccolo server DNS sul Raspberry. Uno dei principali punti di forza è che, una volta configurato, ripulisce dalle pubblicità ogni dispositivo connesso alla rete, senza bisogno di ulteriori programmi o plug-in....

November 2, 2018 · 8 min · 1598 words · Luigi Gubello

From XSS to RCE in Simplenote 1.1.3

Summary In Simplenote 1.1.3 - Desktop app there is a stored XSS vulnerability that can be used to execute arbitrary code. If there is malicious code in the note and the user tries to print it (for example to save it as a PDF), the malicious code runs. #358049 - RCE via Print function [Simplenote 1.1.3 - Desktop app] 27/05/2018 – I send the report 25/06/2018 – The vulnerability is fixed and the bug bounty reward is 250$...

July 29, 2018 · 1 min · 115 words · Luigi Gubello

Stored XSS in Microsoft Bing

After many unsuccessful attempts to find an XSS in Yahoo’s domains, I decided to move my attention to Microsoft Bing. If you have a Microsoft account, Bing allows you to save online content (images, videos and places) on the page My saves, and allows to create collections to better manage your own content. The titles of these collections were not properly filtered, so it was possible to break the code and inject persistent arbitrary code....

April 21, 2018 · 2 min · 226 words · Luigi Gubello