Blog posts
Ambionics / Tooling

Introducing lightyear, a new way to dump PHP files

Mon 04 November 2024

In this blog post, we describe new techniques to dump PHP files leveraging filters, and a tool that does it.

Read more
Ambionics / Web Exploitation

Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 3)

Mon 30 September 2024

In this blog post, we will explore how we can exploit CNEXT, but blind, covering the cases where we have a file read primitive, but cannot get the output.

Read more