Guilhem Rioux

Leakymetry: Circumventing GLPI Authentication

GLPI (Gestionnaire libre de parc informatique) is popular open-source software in France and Brazil. It is used to map a network through an inventory plugin, and also to gather users’ issues through a ticket system. As I was wondering how the update mechanism worked in GLPI, I saw something really interesting in this file. It is important to note that most of the GLPI files are…

From a GLPI patch bypass to RCE

GLPI is popular software used by companies, mainly in France. It is usually used for two main purposes. Firstly, it allows companies to see the inventory of their different equipment (such as computers, software, printers, etc.). Secondly, it is used for its ticketing system, allowing users to create tickets about their issues. It also has different roles for each user: those who can only create tickets (low-privilege users),…