SysAID II – SQLI [CVE-2021-30486]

SysAid Technologies (formerly Ilient) is an international company founded in 2002 that develops and provides IT Service Management software. SysAid Technologies is a privately owned company, founded by Israel Lifshitz (also founder of NUBO Software). The exploitation of vulnerability requires having user-level access in the system. From the «Asset Management» option, the request is captured…

SysAID – XSS [CVE-2021-30049]

SysAid Technologies (formerly Ilient) is an international company founded in 2002 that develops and provides IT Service Management software. SysAid Technologies is a privately owned company, founded by Israel Lifshitz (also founder of NUBO Software). Every so often the application verifies the validation of the session through the KeepAlive.jsp script, this was checked through the…

IDE Backdoor con Python

He utilizado muchas veces python para optimizar tareas, automatizar procesos, en competiciones de CTF o para explotar alguna vulnerabilidad, en contexto laboral realizando ejercicios de hacking ético, pero siempre desde un entorno local ocupando mis propios editores pero hace poco realice un curso de Python en línea, y todo el proceso educativo y práctico se…