Blog | Disclosure

While performing an internal security assessment for a client, I discovered an OS command injection vulnerability in an Infoblox NetMRI appliance. This was totally by accident, just going about our regular testing of web applications. I stumbled across the following page and used a proxy to submit values to the "Username" and "Password" fields of the application. Infoblox Login Page...Continue reading 

When I had my last house built, I wired it for a CCTV camera system. I ran siamese rg58 coaxial cable (the type with a separate pair for low voltage power) from a central location to all my camera locations since it's a pain to do once a house is built. I bought a cheap Dahua network-enabled DVR from one...Continue reading