Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

RCE in the Most Popular Survey Software You’ve Never Heard Of - 1708

Adam Kues - Searchlight. Posted 7 Months Ago
  • The blog post starts from a survey pop-up built with Lighthouse Studio. This appears to be an open-source project, which allowed some access to its Perl source code. Unfortunately, much of the Perl code is minified. Running Perl::Tidy made it prettier to read, but they still wanted some help reading it, so they used AI to deobfuscate the code. The output had some issues, but much of it was correct.
  • After it was deobfuscated, they found an interesting sink: eval. The subroutine _fop implemented a primitive templating engine: anything wrapped in [%...%] was evaluated as Perl code.
  • They had the sink but still needed to find a source that reached it. The ciwweb.pl input hid_Random_ACARAT plugged into this sink: sending [%257*7%25] returned 49. By adding backticks, this turns into pretty easy code injection.
  • On older versions, the backticks didn't work because of some regex replaces, so they needed to find another way to exploit it. When an array is used for the value, the regex replace doesn't apply, so this worked on all versions.
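
The two root causes summarized above (a template engine that evaluates marker contents, and a filter that is skipped for array values) can be closed as in the following added example. It is not code from Lighthouse Studio or from the blog post; `scalar_param`, `render`, the variable names and the sample inputs are hypothetical and constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Accept a request parameter only if it is a single plain string.
# A repeated parameter can reach the handler as an array reference; a
# string-only filter never inspects it, so check the shape first.
sub scalar_param {
    my ($value) = @_;
    die "missing parameter\n"             unless defined $value;
    die "non-scalar parameter rejected\n" if ref $value;
    die "template markers rejected\n"     if $value =~ /\[%|%\]/;
    return $value;
}

# Fill [%name%] placeholders by hash lookup. The /e flag runs only the fixed
# lookup expression below; captured text is used as a hash key and is never
# compiled. s///g does not rescan substituted values, so markers inside a
# value stay literal.
sub render {
    my ($template, $vars) = @_;
    $template =~ s{\[%\s*(\w+)\s*%\]}{ exists $vars->{$1} ? $vars->{$1} : '' }ge;
    return $template;
}

# Constructed sample inputs: a normal answer, a marker string, an array value.
my @samples = ('Alice', '[%7*7%]', ['Alice', '[%7*7%]']);

for my $input (@samples) {
    # Block eval is Perl's exception handler; it does not compile strings.
    my $clean = eval { scalar_param($input) };
    if (!defined $clean) {
        chomp(my $why = $@);
        print "rejected: $why\n";
        next;
    }
    print render('Hello [%name%], survey [%survey%]',
                 { name => $clean, survey => 'demo' }), "\n";
}

# Even if a marker string reaches a variable value, it is emitted as text.
print render('Echo: [%answer%]', { answer => '[%7*7%]' }), "\n";
```

The shape check runs before any pattern-based filtering, so a value that arrives as an array is rejected instead of bypassing the filter.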