Safari HSTS Circumvention

Earlier this year, I happened to play around with injecting funny data into unprotected HTTP communications of my test MacBook, when Safari turned out to exhibit a surprising behaviour in...

CVE-2020-XXXXX - Getting root on webOS

TL;DR: A while back, I decided to devote some research time looking into the inner workings of webOS to be able to better understand the security posture of...

Source Code Audit Training Archive

Merry Christmas, everyone! We are releasing the Code Audit Training Archive. This year was shaped by a lot of ups and downs for most of us. To bring...

FX live on tape

Almost 2.5 years have passed since FX unintentionally vanished from the canvas of the hacking-scene cinema. Defying all odds, he has made exceptional progress and, from the beginning of this...

KNX, %s and a backdoor

TL;DR: Several devices manufactured by WAGO contain an undocumented account with administrative privileges. The password for this account is device-dependent, but easily brute-forceable. CERT@VDE was kind...