Florent Daignière's blog

  • Disabling connection tracking on bridge interfaces created by libvirt

    22 Jul, 2015

    Today I got bitten by a problem I've already encountered in the past... and as I didn't document it properly, I had to google it again! Let this blog entry be a more permanent documentation than the previous one.

    Early in the morning, the supervision system started alerting me …

  • Netflix ultimate geolocation bypass with an edgerouter

    05 Jan, 2015

    It looks like Netflix has updated their geolocation code... attempting to prevent their users from watching content intended for other regions. This post explores a few technical avenues one might consider to bypass it.

    Googling around, it becomes increasingly clear that many people are making a living out of selling …

  • CVE-2014-1409 or the sad tale of an XPath injection affecting mobileiron products

    23 Jun, 2014

    Following up on my last post about XPath injections, I will document part of the process we went through to exploit CVE-2014-1409 and hopefully convince a few that this category of bugs is no joke and should be looked for during pentests.

    So, what about it? Well, let me tell …

  • Exploiting XPath injection vulnerabilities with XCat

    21 Jun, 2014

    XPath injection bugs are relatively common in web applications, yet it's a vulnerability class ignored by the vast majority of pentesters.

    I think that there are two main reasons for that:

    • The tooling to exploit this type of vulnerability sucks.
    • There are very few documented cases of "useful" bugs being …
  • Is SantanderUK compromised?

    25 Mar, 2014

    This morning I received a special spam, the kind that warrants a blog post.

    It's interesting for several reasons:

    • It has my name in the Subject Header
    • It came through an address that I have only given to my bank
    • It uses a clever old-school trick to avoid Bayesian …