The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1. This is due to a lack of restriction on user role in the 'nsl_registration_store_extra_input' function. This makes it possible for unauthenticated attackers to register an account on the site with an arbitrary role, including Administrator, when registering via a social login. The Nextend Social Login plugin must be installed and configured to exploit the vulnerability.
#BINARY-EXPLOITATION

Our industry-leading platform is the most effective solution for learning modern binary exploitation through a world-class curriculum developed by RET2. Acquire the skills necessary to perform independent vulnerability research.

An intro to binary exploitation / reverse engineering course based around ctf challenges.

This is a simple place where you can download crackmes to improve your reverse engineering skills. If you want to submit a crackme or a solution to one of them, you must register. But before that, I strongly recommend you to read the FAQ. If you have any kind of question regarding the website, a crackme, feel free to join the discord chat.

This repository is for the Offensive Security and Reverse Engineering Course. I used to teaching at Champlain College and currently sharing it for free online (check the YouTube channel for the recordings).