My Research
Python Dirty Arbitrary File Write to RCE via Writing Shared Object Files Or Overwriting Bytecode Files
April 29, 2025
In web security, it has a vulnerability class called "arbitrary file write" (AFW), where the attacker can create or overwrite files on the server, which potentially lead to RCE (Remote Code Execution). For instance, if a web application that uses PHP and Apache, an attacker could create a new
.htaccess
file to gain RCE (A real-world example can be seen in one of my bug bounty findings). In Apache, the.htaccess
file is to make configuration changes on a per-directory basis. However, with the help of AFW vulnerability, attack can add the following rules to tell Apache to treat files with.txt
extension as a PHP script: […]
Tags: Arbitrary File Write, Python
Attempted Research in PHP Class Pollution
February 19, 2025
After reading the Ruby class pollution research from Doyensec and re-read the blog post about class pollution in Python, I started to think this research question:
- If class pollution is possible in Python and Ruby, does that mean other programming languages that support OOP (Object-Oriented Programming) is inherently vulnerable to class pollution?[…]
Tags: Class pollution, PHP