Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Unauthenticated XSS to Remote Code Execution Chain in Mautic - 372

horizon3 - Posted 5 Years Ago
  • Mautic is widely used open source software for marketing automation. Mautic allows unauthenticated users to use most functionality, which adds some attack surface.
  • The first bug was an XSS found in the Referer header, which was then shown to authenticated users. This was done by generating data from a malicious marketing lead.
  • With the XSS, when an authenticated user visited the site, the attacker controlled their account. The authors decided to make an admin user via the XSS.
  • As an administrative user, the attackers could upload a custom theme to the CMS to get code execution. Although this is NOT a vulnerability by itself, it does help in the exploitation process.