Andrea Cardaci

Bio

MSc student at the University of Pisa, Italy.

Advisories

12 Aug 2019 [CVE-2019-12792] Vesta Control Panel 0.9.8-24 — Privilege escalation in the upload handler
12 Aug 2019 [CVE-2019-12791] Vesta Control Panel 0.9.8-24 — Privilege escalation in the password reset form
15 Apr 2019 [CVE-2019-9841] Vesta Control Panel 0.9.8-23 — Reflected XSS in file manager API
19 Mar 2019 SquirrelMail 1.4.22 — Stored XSS in received emails

Blog

22 Dec 2018 Authenticate against a MySQL server without knowing the cleartext password
01 Mar 2018 Overriding shared libraries in immediately-bound executables on Linux
12 Feb 2018 A macOS anti-debug technique using ptrace

Contacts

Feel free to drop me an email.

Use this PGP key for confidential communication.

Profiles

GitHub
Code goes here
Hack The Box
Pwning boxes for fun
Twitter
Social stuff
LinkedIn
Professional profile
Bēhance
My attempt at photography

Meta

This website is built with Jekyll, source files can be found on GitHub.

Subscribe to the news feed.

Projects

GTFOBins
Curated list of Unix binaries that can be exploited to bypass system security restrictions
gdb-dashboard
Modular visual interface for GDB in Python
chrome-remote-interface
Chrome Debugging Protocol interface for Node.js
chrome-har-capturer
Capture HAR files from a remote Chrome instance
prof
Self-contained C/C++ profiler library for Linux
fracker
PHP function tracker
mysql-unsha1
Authenticate against a MySQL server without knowing the cleartext password
comb
Interactive grep annotation tool for manual static analysis in Emacs Lisp
zoom
Fixed and automatic balanced window layout for Emacs
gproxy
googleusercontent.com as HTTP(S) proxy
trace
Start or attach to a process and monitor a customizable set of metrics
zizzania
Automated DeAuth attack
gdb
Go GDB/MI interface
httpfs
Remote FUSE filesystem via server-side script