Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Application Security 202: Vulnerabilities Accepted
vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally. This is the Oxford English Dictionary definition of vulnerability. But I’m going to modify it a little bit to reflect our topic of application security. ...Learn more
application security | professionally evil | Secure Ideas | Linux | programming | File Descriptors | SetUID | Privilege Escalation
Privilege Escalation via File Descriptors in Privileged Binaries
Today I wanted to cover an application security topic that applies to SetUID binaries. As we ...Learn more