Matthias Kaiser's Avatar

Matthias Kaiser

@matthiaskaiser.bsky.social

Java/Android Vulnerability Researcher. 0xACED. Ex-Apple. Posts are my own.

320 Followers  |  307 Following  |  11 Posts  |  Joined: 04.12.2023  |  1.7932

Latest posts by matthiaskaiser.bsky.social on Bluesky

Arrived in Berlin for @offensivecon.bsky.social. Don’t be shy and say hi! Looking forward to meet old and new friendsπŸ‘

15.05.2025 14:06 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

After many hours of development my Smalidea fork supports:
- parameters and variables with type information
- conditional breakpoints
- change parameters and variables via "expression" or "setValue". Quite happy with the results πŸ˜€

07.04.2025 20:36 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

3. Parameters and Variables in Debug View 😍

23.03.2025 12:41 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I guess I'm the only single person working on an IntelliJ plugin using EclipseπŸ˜€

21.03.2025 13:53 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

2. Type Hierarchy

21.03.2025 13:46 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 2    πŸ“Œ 0
Post image

Look Mom, smalidea (github.com/JesusFreke/s...) has new features: 1. Call-Hierarchy

21.03.2025 13:45 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
Bypassing Authentication Like It’s The β€˜90s - Pre-Auth RCE Chain(s) in Kentico Xperience CMS I recently joined watchTowr, and it is, therefore, time - time for my first watchTowr Labs blogpost, previously teased in a tweet of a pre-auth RCE chain affecting some β€˜unknown software’. Joining th...

My first watchTowr post is out! It was my first take on a CMS solution and I was able to get some interesting pre-auth RCE chains on Kentico Xperience. 😎

labs.watchtowr.com/bypassing-au...

17.03.2025 12:45 β€” πŸ‘ 7    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Preview
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials Critical authentication bypass vulnerabilities were discovered in ruby-saml up to version 1.17.0. See how they were uncovered.

If you're using ruby-saml or omniauth-saml for SAML authentication make sure to update these libraries as fast as possible! Fixes for two critical authentication bypass vulnerabilities were published today (CVE-2025-25291 + CVE-2025-25292).

github.blog/security/sig...

12.03.2025 21:50 β€” πŸ‘ 11    πŸ” 10    πŸ’¬ 1    πŸ“Œ 0

Finally had some time to put together a new blog post. It’s not groundbreaking, but it could still be interesting if you're into application security.

28.02.2025 09:56 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

I tried VSC Java debugging once and immediately gave up. Debugging Ghidra with Eclipse works perfectly. And probably IDEA as well.

08.02.2025 18:22 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Windows Bug Class: Accessing Trapped COM Objects with IDispatch Posted by James Forshaw, Google Project Zero Object orientated remoting technologies such as DCOM and .NET Remoting make it very easy ...

New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...

30.01.2025 18:37 β€” πŸ‘ 66    πŸ” 42    πŸ’¬ 2    πŸ“Œ 0

Congrats πŸ‘ πŸŽ‰ Looking forward to the upcoming RCEs😎

07.01.2025 13:17 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I'm happy to announce that I have recently joined watchTowr as a Principal Vulnerability Researcher. The break is over, it's time to do some new research 🫑

07.01.2025 13:08 β€” πŸ‘ 8    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0

Congrats! All the best πŸ₯³

01.01.2025 15:17 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Thx!

02.12.2024 06:21 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Remote Code Execution with Spring Properties Recently a past student came to me with a very interesting unauthenticated vulnerability in a Spring application that they were having a hard time exploiting...

I just wrote a new blog post! This is how I (ab)used a jailed file write bug in Tomcat/Spring. Enjoy!

Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...

26.11.2024 23:57 β€” πŸ‘ 76    πŸ” 36    πŸ’¬ 1    πŸ“Œ 2

πŸ‘ and Hi :-)

21.12.2023 14:04 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

@matthiaskaiser is following 19 prominent accounts