Month: June 2017

From administrator to SuperUser Joomla <= 3.6.4

Problem: during a penetration test i faced a buggy Joomla installation. Joomla version was 3.6.4 and was vulnerable to  CVE-2016-8869  . I created an administration account using metasploit module but wait !?

I couldn’t upload a WebShell . i used .pht method with no luck . i had no access to template source files.


Continue reading “From administrator to SuperUser Joomla <= 3.6.4”


SensePost reGeorg Script Basic Authentication

Few weeks ago when i was performing a penetration test on one of our clients network , i wanted to use reGeorg script ( from SensePost )  for setting up a SOCKS proxy on target web server but i encountered a problem.  The writable folder that i uploaded tunnel.aspx file was behind a basic authentication! Continue reading “SensePost reGeorg Script Basic Authentication”

buslogic SCSI adapter is not supported for 64-bit guests

Problem: Few days ago after converting a virtual machine from ESXi type to VMware workstation type using VMware VCenter Converter Standalone version 6.0.0 when i wanted to start VM  encountered below error .

buslogic SCSI adapter is not supported for 64-bit guests…

Continue reading “buslogic SCSI adapter is not supported for 64-bit guests”