Back to directory
WRITEUP #3192

Hacking into Admin Panel of U.S Federal government system C.A.R.S — without credentials.

RCEClient-side enforcement of server-side securityPrivilege escalation
by@ImJungsuu(Hazem Brini)
Program
U.S. General Services Administration
Published
Dec 7, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@7azimo/hacking-into-admin-panel-of-u-s-federal-government-system-c-a-r-s-without-credentials-9117b865ba58
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Escalating From Reader To Contributor In Azure API Management
Privilege Escalation
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write

Built with ❤️ by Shubham Rawat