ASUS ROG BIOS Reset on Lost Battery Power

Update 1: My ASUS laptop is ASUS ROG Zephyrus M GM501GS-EI027T. I'm using the latest BIOS version which is 313 (according to the latest version dated 08/30/2019) Update 2: Given a CVE-2019-18216 Update 3: ASUS security team gave me the patch for the BIOS vulnerability I posted here and the patch works. I cannot reproduce…

CDEF Podcast: Head to Head Bug Bounty vs Pentesting

Last week, Indonesia CDEF (Indonesia Cyber Defense Community) invited me to be on their podcast on the night of September 8, 2019. It raised "Head to head Bug Bounty vs. Pentesting." as the topic. You can hear the topic on Spotify below (language spoken: Bahasa Indonesia) https://open.spotify.com/episode/6gSwbVcdvcGnscC1ncDgp6?si=ogfH4hrbQRS1vbKHymJpIQ CDEF Podcast's usually held every two weeks and…

Google Calendar Spam

Some time ago @mubix tweeted about spam that entered Google Calendar, he felt he had never published his calendar, and did not find the e-mail associated with the purchase of iPhone XS Max (according to the tweet). When I saw the tweet, I was intrigued that spammers were getting better at it. https://twitter.com/mubix/status/1166368879423234048 This morning…

My Review on Advanced Windows Exploitation course by Offensive Security

For the past few months, I have been preparing for the Advanced Windows Exploitation (AWE) training at one of Asia's most popular hacker conferences, Black Hat Asia 2019. AWE is one of the training organized by Offensive Security LLC, a Kali Linux distro maker (formerly Backtrack) and the Exploit-DB website (www.exploit-db.com). After waiting for approximately…

Zahir Enterprise Plus 6 <= build 10b – Buffer Overflow (SEH)

Zahir Accounting adalah software akuntansi yang sangat banyak digunakan oleh tingkatan SOHO (Small Office Home Office) di Indonesia. Selain harganya yang terjangkau, Zahir memiliki fitur yang lebih dari cukup untuk menyelesaikan pencatatan akuntansi yang tanggung, dalam arti mampu menyisir tingkat menengah ke bawah dan juga mampu menghadapi tantangan akuntansi yang hampir mendekati tingkat enterprise.  Pada kesempatan…

Blind SQL Injection Vulnerability in FileRun <=2017.09.18

Some time ago while doing a pentest, we found a vulnerability in a file sharing web application named FileRun. This application allows us to access our files anywhere through self-hosted secure cloud storage, backup and sharing files for our photos, videos, files and more. The Vulnerability The vulnerability was found after the authentication. After we…

Unicode Stack-based Buffer Overflow on CyberLink LabelPrint 2.5

It's been a while since the last post about exploitation on this blog. This time, we try to explain a stack based overflow on a software called Cyberlink LabelPrint. The software serves as a tool to assist in designing labels for CD / DVD covers. Cyberlink LabelPrint is included in the installation of Cyberlink Power2Go,…