[Owasp-leaders] OWASP Mth3l3m3nt Framework zero code exploits

Munir Njiru munir.njiru at owasp.org
Mon Mar 20 06:14:40 UTC 2017


Hi All,

I wanted to share a new writeup based on  WordPress Plugin Membership
Simplified v1.58 – Arbitrary File Download (CVE-2017-1002008) to create
arbitrary file downloads/ LFI exploits without having to write code using
one of the modules in OWASP Mth3l3m3nt Framework. Find the write up here on
how to create a new exploit and test it.

https://www.alien-within.com/zero-code-lfi-and-arbitrary-file-download-exploits-on-mth3l3m3nt-framework/

Kind Regards,
-- 
Munir Njenga,
OWASP Chapter Leader (Kenya) || Information Security Consultant || Developer
Mob   (KE) +254 (0) 734960670

=============================
Chapter Page: www.owasp.org/index.php/Kenya
Email: munir.njiru at owasp.org
Facebook: https://www.facebook.com/OWASP.Kenya
Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170320/bc8090c8/attachment.html>


More information about the OWASP-Leaders mailing list