Rhino Security Labs

Strategic & Technical Blog

Buffer Overflow Leading to
Code Execution in Left4Dead 2

Hunter Stanton
May 27, 2020

Left4Dead 2 is a video game released in 2009 by Valve Software for PC, Linux, Mac, and Xbox 360. Even though it is 11 years old, it is played by tens of thousands of players every day and is still being actively maintained by Valve.
It runs…

Weaponizing AWS ECS Task Definitions
to Steal Credentials From Running Containers

CloudGoat AWS Scenario Walkthrough: “EC2_SSRF”

Privilege Escalation in
Google Cloud Platform – Part 2 (Non-IAM)

Spencer Gietzen
May 5, 2020

This is a continuation of the 2-part blog series on Privilege Escalation in Google Cloud. 
If you haven’t already read Part 1 of this blog series, check it out here.
This part of the blog focuses on non-IAM service privilege escalation…