
Khai Tran

Khai has over 4 years of computer security experience in application development, database administration, and system administration. He has a solid understanding of the secure software development lifecycle and secure application code review, and has worked with technologies ranging from web to thick-client and cloud computing. Khai works with NetSPI clients to determine their requirements, identify security weaknesses, develop remediation options, and provide business context. He is a GIAC Web Application Penetration Tester (WAPT).

More by Khai Tran

Web Application Pentesting

Advisory: XXE Injection in Oracle Database (CVE-2014-6577)

This blog post covers an XML External Entity (XXE) injection vulnerability in the XML Parser module of Oracle Database.

Web Application Pentesting

Advisory: Oracle Forms 10g Unauthenticated Remote Code Execution (CVE-2014-4278)

This blog post is an advisory for the following vulnerability: Oracle Forms 10g contains code that does not properly validate user input, which could allow an unauthenticated user to execute arbitrary commands on the remote Oracle Forms server.

Network Pentesting

DeKrypto – Padding Oracle attack against IBM WebSphere Commerce (CVE-2013-05230)

IBM WebSphere Commerce, also known as WebSphere Commerce Suite (WCS), is a software platform framework for e-commerce developed by IBM and actively used by large retailers.

Network Pentesting

Using Powershell and Reflection API to invoke methods from .NET Assemblies

Using a .NET decompiler, I am able to see and identify the function used to encrypt the database password. The encryption key appears to be static, so if I could call the corresponding decrypt function, I would be able to recover that password.

Thick Application Pentesting

Binrev – Automate Reversing Windows Binaries for Pentesters

I made a script to chain together some common tools to reverse-engineer Windows applications. It has come in handy for me in several situations when an application contains hundreds of assemblies written in native C, .NET or Java.

Web Application Pentesting

Java Obfuscation Tutorial with Zelix Klassmaster

For high-level languages such as .NET or Java, it is quite trivial to reverse-engineer application binaries to recover the original source code if the application doesn’t employ any type of encryption or obfuscation.

Thick Application Pentesting

Patching Java Executables – The Easy Way

In this blog post, I want to introduce a new method of patching Java executables. It is faster, less error-prone and quite simple to execute. I hope it will be useful for developers who need to patch Java applications.

Web Application Pentesting

Tool release: AMF Deserialize Burp Plugin

Action Message Format (AMF) is one of the communication protocols used to exchange messages between a Flash client and a server; the others are RTMP and XML. BurpAMFDSer is a Burp plugin that deserializes and serializes AMF requests and responses to and from XML using the XStream library.

Thick Application Pentesting

Pentesting Java Thick Applications with Burp JDSer

Let’s consider this dummy Java app that communicates with a servlet via HTTP. It’s a very simple search box which sends a SearchObject to a server. The server responds with a SearchResult object. If that object indicates that the client has admin privilege, the gray text turns red.
