Florent Daignière's blog

  • CVE-2014-1409 or the sad tale of an XPath injection affecting MobileIron products

    23 Jun, 2014

    Following up on my last post about XPath injections, I will document part of the process we went through to exploit CVE-2014-1409 and hopefully convince a few that this category of bugs is no joke and should be looked for during pentests.

    So, what about it? Well, let me tell ...

  • Exploiting XPath injection vulnerabilities with XCat

    21 Jun, 2014

    XPath injection bugs are relatively common in web applications, yet it's a vulnerability class ignored by the vast majority of pentesters.

    I think that there are two main reasons for that:

    • The tooling to exploit this type of vulnerability sucks.
    • There are very few documented cases of "useful" bugs ...

  • Is SantanderUK compromised?

    25 Mar, 2014

    This morning I received a special spam, the kind that warrants a blog post.

    It's interesting for several reasons:

    • It has my name in the Subject Header
    • It came through an address that I have only given to my bank
    • It uses a clever old-school trick to avoid ...