All posts in Security

A brief introduction into MODBUS exploitation

Modbus was introduced in 1979 and was not designed to be available on public networks! Devices using this protocol should not be available on the internet under any circumstances! Basically, if I can see this protocol via Internet then I own your device!

Continue reading →

How to force Roundcube to use SSL

roundcube ssl redirect

Roundcube is a web-based IMAP email tool. It simply allows you to browse and manipulate content from email server easily using your browser. However if you are a system administrator of if you have your own mail server it is highly recommended to use a SSL certificate when you are going to read your emails.

This way, you avoid interception of connection credentials and emails content, especially when you are connecting from free WiFi networks. Continue reading →

Bypass .htaccess Authentication Credentials

htaccess password bypass

Inspired by wechall.net I’ve decided to make this short tutorial to show you how to bypass a .htaccess password protection without knowing username or password. This is not really a vulnerability, this trick is based on a bad configuration by website administrator or sysadmin.

Continue reading →