ThinkPHP Remote Code Execution Vulnerability(CVE-2018-20062,CVE-2019-9082)

Vulnerability Overview Over the last few months, a remote code execution bug on Chinese open source framework ThinkPHP is being actively exploited by attackers to deliver a variety of malware. Poorly handled input is a leading cause behind the vulnerability. As a result, a remote attacker can send a crafted HTTP request to execute arbitrary … Continue reading “ThinkPHP Remote Code Execution Vulnerability(CVE-2018-20062,CVE-2019-9082)”

Mirai Botnet Analysis

Recently, a distributed denial of service attack against the company Dyn brought down websites and apps across United States’ internet. This attack is believed started by the botnet Mirai. The source code of this botnet has apparently been released on Github. This blog is about the analysis of this botnet from its source code. Weak Passwords: The first … Continue reading “Mirai Botnet Analysis”