Luke ParisinParadoxisYAFPC — Unauthenticated Remote Code ExecutionTwo separate flaws exist in the YAFPC (Yet Another Free PDF Composer) appliance which allows an attacker to gain remote code execution.6 min read·Jan 14, 2023----
Luke ParisinParadoxisStegCracker 2 ReleasedA long time ago, on an awesome pentesting platform far far away, I had a problem. A problem many people that play CTF challenges can…4 min read·Mar 25, 2019----
Luke ParisinParadoxisBaking Flask cookies with your secretsA few weeks back, I and a friend of mine were discussing web frameworks and how he claimed to have made an ‘Impossible to Bypass’ login…9 min read·Jan 26, 2019--1--1
Luke ParisinParadoxisFingerprinting Web Servers with GitBefore I begin, I’d like to give a little backstory on how I came to building the tool I’m about to show. Recently, I was doing an online…3 min read·May 21, 2018----
Luke ParisDear RecruitersBefore i begin my post, I’d like to point out I don’t have any ill intentions towards recruiters or the companies that employ them, in…3 min read·Dec 13, 2017----
Luke ParisinParadoxisSHA2017 — A recap of insanityTo summarize the last five days of my life, I can’t think of anything other than “amazingly chaotic”, and I loved every minute of it. If…5 min read·Aug 10, 2017----
Luke ParisinParadoxisThe PHP module backdoor II — The falloutA little over a week ago I published a post to my blog titled ‘Your interpreter isn’t safe anymore — The PHP module rootkit’.6 min read·Jun 23, 2017----
Luke ParisinParadoxisBackdooring the PHP interpreterEditor’s note: The following post was written in 2017 at the very start of my career in Cyber Security. I was inspired to make a simple…7 min read·Jun 12, 2017--4--4