Devfest Istanbul 2014 – Web Application Attacks and Trusting Frameworks

Hello

You can find here the presentation I gave at this year's Devfest Istanbul event, organized by GDGIstanbul. I would like to thank once again everyone who contributed to this extremely professionally organized event.

You can access the presentation via the link below.

Ci-Bonefire v0.7.1-dev Reinstall Admin Account Vulnerability Analysis & Exploit

Hello

Ci-Bonefire is another CodeIgniter-based open source application. I've been analyzing applications based on CodeIgniter since I found some weaknesses in CodeIgniter. In this write-up we will see what can cause a failure of code design.


PyroCMS Object Injection Vulnerability – Another step, damn the steps, damn thee!

Hello

PyroCMS is one of the popular open source CMS applications. It is based on CodeIgniter! You can download it from https://www.pyrocms.com/ or its GitHub account. I decided to analyze the installation module of PyroCMS, because we've learned that, as an attacker, we can do object injection attacks if the private key is not private!
