Maxpl0it

Exploits and Research

Aug 14, 2019

Zero to Root in 60 seconds

Upon cleaning out some boxes of old wires and techjunk I’d completely forgotten about for years, I came across an old netbook my dad had owned.Netbooks were all the rage back in 2009. One of the pioneers of the netbook revolution was

Nov 9, 2019

Pwn2Own 2019

I managed to get the chance to participate in Pwn2Own 2019 this year, having joined F-Secure two months ago.In total we had 4 entries:TP-Link AC1750 Smart WiFi Router - LAN -

Aug 14, 2019

Zero to Root in 60 seconds

Upon cleaning out some boxes of old wires and techjunk I’d completely forgotten about for years, I came across an old netbook my dad had owned.Netbooks were all the rage back

Nov 30, 2018

IDA Function Route Finder

Today I released a little function that helps IDA users find routes from one function to another. This is incredibly useful when identifying possibly vulnerable functions in order to find paths to an

Jun 21, 2018

Exploiting CVE-2018-12591

Yesterday I managed to get my first two CVEs. One of which is CVE-2018-12591.  This is a writeup of how this vulnerability can be exploited. Although it’s not the most complicated vulnerability

Jan 4, 2018

Modern Man-in-the-Middle Attacks

Contents:IntroductionBypassing Basic HTTPSBypassing 301 CachingBypass non-preloaded HSTS through NTPBypassing Preloaded HSTS through logic errorsCookie DomainsExploiting with MiTM on DNSExploiting without MiTM on DNSIntroductionThe old ways are dead.Gone are the days where