TCPJunkie

0-Day: WPA2 On Krack!

Oct 20, 2017


A couple of days ago, Mathy Vanhoef of imec-DistriNet has published his scientific paper which explained how WPA2’s algorithm mechanism could be manipulated so an attacker could decrypt the WPA2-encrypted traffic between an Access Point and a client. Read more

Escalation: From Docker API To Host Root Access

Oct 9, 2017


I was tasked with performing a penetration testing on a server which hosted multiple websites and services. Most of these services ran on Docker containers, and in this article, I’m going to show how could an overlooked misconfiguration lead to a complete takeover of the host system. Read more