How I hacked my way to the security sector

Hello friend, hello friend. It’s been too long, I know. But the thing is, that I owe you a lot. I owe you my whole life, my freedom and almost all of my experiences. I owe you an explanation on why I stopped communicating and why I ghosted you in the worst way possible. But

[CVE-2020-24807] File Type Restriction Bypass in Socket.io-file NPM module

Title: File Type Restriction Bypass in Socket.io-file NPM module
Date: 31/07/2020
CVE-ID: 2020-24807
Advisory: https://github.com/advisories/GHSA-6495-8jvh-f28x
Author: Thomas Sermpinis
Versions: <= 2.0.31
Package URL: https://www.npmjs.com/package/socket.io-file
Tested on: node v10.19.0, Socket.io-file v2.0.31, socket.io v2.3.0
Proof of Concept: – During some of our pentests, we face applications that are well secured with not so many misconfigurations. That means that we have to dig deeper, if the

TROOPERS18 and a crazy journey!

Hello friend, Things are happening to my territory, and no time slots for this lonely blog. I see that many of you keep visiting though and I am really happy about it. I have many things to tell you. Many things happen in my life, and I want to continue to share with you my

BlackHat Europe 2017 – The Wrap Up

“Hello, friend. Hello, friend? That’s lame. Maybe I should give you a name, but that’s a slippery slope. You’re only in my head. We have to remember that. Shit.” Hope you are all well. After a nice trip to London, and a great time at Blackhat Europe 2017, I feel the need to share my experience