Markus Wulftange
@mwulftange.bsky.social
Principal Security Researcher and Pâtissier at @codewhitesec.bsky.social
Reposted by Markus Wulftange
Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange.bsky.social who loves converting n-days to 0-days code-white.com/blog/wsus-cv...
CODE WHITE | A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS
How the n-day research for a suspected vulnerability in Microsoft WSUS (CVE-2025-59287) led to the surprising discovery of a new `SoapFormatter` vulnerability added by the Patch Tuesday updates of Oct...
code-white.com
October 29, 2025 at 1:05 PM
Reposted by Markus Wulftange
CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at apply-if-you-can.com packaged as a metal festival. Have fun 🤘 and #applyIfYouCan
September 15, 2025 at 7:40 AM
Reposted by Markus Wulftange
We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at 2025.faustctf.net
FAUST CTF 2025
FAUST CTF 2025 is an online attack-defense CTF competition run by FAUST, the CTF team of Friedrich-Alexander University Erlangen-Nürnberg
2025.faustctf.net
August 28, 2025 at 12:22 PM
Reposted by Markus Wulftange
We've added a new demo to NewRemotingTricks that makes deploying a MarshalByRefObject (e.g., WebClient) even easier: System.Lazy creates an instance of T on serialization, which is probably more likely to be allowed than a XAML gadget getting through. github.com/codewhitesec...
GitHub - codewhitesec/NewRemotingTricks: New exploitation tricks for hardened .NET Remoting servers
New exploitation tricks for hardened .NET Remoting servers - codewhitesec/NewRemotingTricks
github.com
August 5, 2025 at 3:11 PM
Reposted by Markus Wulftange
We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 + CVE-2025-49704 used by @_l0gg (on X) to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange.bsky.social
July 14, 2025 at 1:00 PM
I'm getting confused keeping count of them, but we're almost at the double-digit mark! 😅
Our crew members @mwulftange.bsky.social & @frycos.bsky.social discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam 's blacklist for CVE-2024-40711 & CVE-2025-23120 + further entry points after @sinsinology.bsky.social & @chudypb.bsky.social 's blog. Replace BinaryFormatter!
March 28, 2025 at 5:29 PM
Reposted by Markus Wulftange
Our crew members @mwulftange.bsky.social & @frycos.bsky.social discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam 's blacklist for CVE-2024-40711 & CVE-2025-23120 + further entry points after @sinsinology.bsky.social & @chudypb.bsky.social 's blog. Replace BinaryFormatter!
March 28, 2025 at 4:35 PM
Reposted by Markus Wulftange
Ever wondered how Kurts Maultaschenfabrikle got hacked in 2023? The full story, all technical details, out now ;-) apply-if-you-can.com/walkthrough/...
Walkthrough 2023
apply-if-you-can.com
February 21, 2025 at 10:31 AM