OUR LATEST RESEARCH
Network Relaying Abuse in a Windows Domain
Network relaying abuse in the context of a legacy Windows authentication protocol is by no means a novel vector for privilege escalation in a domain context. However, in spite of these techniques being well understood [...]
CVE-2022-30211: Windows L2TP VPN Memory Leak and Use after Free Vulnerability
Nettitude discovered a Memory Leak turned Use after Free (UaF) bug in the Microsoft implementation of the L2TP VPN protocol. The vulnerability affects most server and desktop versions of Windows, dating back to Windows Server [...]
Offensive Security: From OSCE to OSCE3
OSCE3 (Offensive Security Certified Expert 3) is a certification from Offensive Security which has replaced the (now retired) OSCE certification. This post explores a pentester's journey from being OSCE certified to becoming OSCE3 certified. Way [...]
CVE-2022-24004 & CVE-2022-24127: Vanderbilt REDCap – Stored Cross Site Scripting
Nettitude identified two stored Cross Site Scripting (XSS) vulnerabilities within Vanderbilt REDCap. These have been assigned CVE-2022-24004 & CVE-2022-24127. REDCap is a web application which allows the creation and management of online surveys for research [...]
CVE-2022-23270 – Windows Server VPN Remote Kernel Use After Free Vulnerability (Part 2)
Following yesterday's Microsoft VPN vulnerability, today we're presenting CVE-2022-23270, which is another Windows VPN Use after Free (UaF) vulnerability that was discovered through reverse engineering and fuzzing the raspptp.sys kernel driver. This presents attackers with [...]