@darkpills cybersecurity blog

Sharing knowledge and experiments on cyber security topics.

Hunting for gadget chains in Symfony 1 (CVE-2024-28859 - CVE-2024-28861)

by Vincent MICHEL in  exploits  , , , , ,

During a recent engagement, I came accross a Symfony 1 application which contained several deserialization from untrusted user inputs.

However, there was no public gadget chains available for Symfony 1, only for Symfony 2 and onwards. So I decided to look for gadgets for the version of the audited application. I finally expanded the work to all versions of Symfony 1 as a challenge, from 1.0 to 1.5.

Read more →

Vincent MICHEL (@darkpills)

I work as a pentester in a cyber security company. This blog aims at sharing my thoughts and experiments on different topics if it can help otheres: web and internal penetration tests, vulnerability research, write-ups, exploit development, security best practices, tooling, and so on... I previously worked as a senior software developer and switched to this wonderfull land of security :)