Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
Remote Code Execution on Microsoft SharePoint Using TypeConverters
Zero Day Initiative Posted 5 Years Ago- Deserializing is a dangerous game to play! In particular, if you allow user controlled data to be made into an arbitrary object, then there is a good chance for a remote code execution gadget to be found.
- This article goes into how Sharepoint deserializes WebParts. Additionally, it dives into the discovery process of these types of bugs.
- The main takeaway to findings these types of bugs is finding a gadget object that leads to RCE. If the deserialization does not deny this type, then you likely have a really good find!
