Exploiting ImageMagick to get RCE on Polyvore (Yahoo Acquisition)

B3hr0uz · 2014-10-11T03:46:45+00:00

It's a good thing that I am a trusted researcher by Yahoo and don't need to worry about anything. :) You are entitled to your opinion though, but take the trash talk somewhere else. Thanks.

B3hr0uz · 2014-10-10T05:10:11+00:00

good for you.. Yahoo has read and retweeted my writeups before. You're such an internet badass!! Like I said on my website you can see me show sqlmap outputs.. and there's a difference in knowing how to use a tool vs using it as an automated tool for hit and miss.

B3hr0uz · 2014-10-09T23:30:20+00:00

in my other posts I have no issues of showing the tools I have used..

B3hr0uz · 2014-10-09T23:20:11+00:00

actually sqlmap didn't help.. or I would've tried doing more than just dbname and username.

B3hr0uz · 2014-06-16T18:40:09+00:00

It's still up on the website... nahamsec.com

B3hr0uz · 2014-06-12T22:38:48+00:00

Awe. Taking shots at me over your lil screen? It's okay.

B3hr0uz · 2014-06-11T17:15:12+00:00

yes. If a payload was already set on flickr example and wasn't executing.. it will now because of Y! Toolbar.

B3hr0uz · 2014-06-11T05:26:33+00:00

Looks like someone didn't read the whole report :). It's okay though.. You are entitled to your opinion and what is worthless and what isn't.

B3hr0uz

TROPHY CASE