Orange Tsai

• Home
• Articles
• Talks
• About

This is 🍊 Speaking!

Articles

• 2025-01-10
  WorstFit: Unveiling Hidden Transformers in Windows ANSI!
• 2024-08-09
  Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
• 2024-06-07
  CVE-2024-4577 - Yet Another PHP RCE: Make PHP-CGI Argument Injection Great Again!
• 2023-08-12
  從 2013 到 2023: Web Security 十年之進化與趨勢!
• 2022-10-19
  A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
• 2022-08-18
  Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS!
• 2021-08-18
  A New Attack Surface on MS Exchange Part 3 - ProxyShell!
• 2021-08-07
  A New Attack Surface on MS Exchange Part 2 - ProxyOracle!
• 2021-08-06
  A New Attack Surface on MS Exchange Part 1 - ProxyLogon!
• 2021-02-24
  A Journey Combining Web Hacking and Binary Exploitation in Real World!
• 2020-09-12
  How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM
• 2019-11-11
  你用它上網，我用它進你內網! 中華電信數據機遠端代碼執行漏洞
• 2019-10-30
  An analysis and thought about recently PHP-FPM RCE (CVE-2019-11043)
• 2019-09-02
  Attacking SSL VPN - Part 3: The Golden Pulse Secure SSL VPN RCE Chain, with Twitter as Case Study!
• 2019-08-10
  Attacking SSL VPN - Part 2: Breaking the Fortigate SSL VPN
• 2019-07-17
  Attacking SSL VPN - Part 1: PreAuth RCE on Palo Alto GlobalProtect, with Uber as Case Study!