Portfolio
Latest Blog Posts
[UPDATED] Let’s face it, cryptography is hard, and most people suck at it. They tend to guess and assume what the best practices are, but mostly fail at it. With version 5.5.0, PHP wants to put an end to this madness, and delivers a whole new A...
[UPDATED] If you’ve ever been to Spain, there’s a good chance you’ve heard of (or even used) Renfe, the state-owned company, operating passenger trains in the whole country. About 10 weeks ago, I reported two XSS vulnerabilities to ...
As always, I started with an nmap scan, and only two ports popped up:$ nmap -sC -sV -T4 -p- -oN nmap/quick_all 10.10.10.186 PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2...