Author Archives: Xavi

CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Death Note

Hello everyone! As I explained in the last blog entry, I have participated with my job teammates in a Hack the Box CTF, this is the link: https://www.hackthebox.com/events/cyber-apocalypse-2024 And this is the team that we were part of: https://ctftime.org/team/198916 This … Continue reading

Posted in Exploiting | Tagged , , , , , , | Leave a comment

CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Pet Companion

Hello everyone! Today I want to write a couple of write-ups of a CTF that we have participated with our work colleagues from Exness. As I’m trying to improve in binary exploitation topic I would like to document here some … Continue reading

Posted in Exploiting | Tagged , , , , , , | Leave a comment

Shellcode – Windows/x86 – Create Administrator User – Dynamic PEB & EDT

Hello everyone, Recently I’ve been learning about Windows x86 shellcoding and I decided to write a shellcode by my own. My idea was to write a shellcode that creates a new user and make it local administrator. You can find … Continue reading

Posted in Exploiting | Tagged , , , , , , , | Leave a comment

Creating your own AMSI Bypass using Powershell Reflection Technique

Introduction Today I was reviewing one topic about AV Evasion and I was trying to understand how AMSI works and how we can interact with it. As a quick introduction, AMSI is the The Windows Antimalware Scan Interface, a interface … Continue reading

Posted in Uncategorized | Tagged , , , , , , | Leave a comment

Linux Shared Library Hijacking

Hello everyone! In this blog post I would like to cover an interesting topic that is not as well known as Windows DLL Hijacking: Linux Shared Library Hijacking. Both concepts are similar but the exploitation is a bit different, I … Continue reading

Posted in Uncategorized | Tagged , , , , , , | Leave a comment

Protostar – Format Strings – Level 4

Hello everyone! This is the blog post for the level 4 format level of Protostar, that is the last one. This is the hint: And this is the code: Before I start, I have to say that I had no … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , , , , | Leave a comment

Protostar – Format Strings – Level 3

This is another post about Protostar exploiting box. Let’s start working in the interesting levels 🙂 This is the hint for the level: And this is the code: As the level starts as the last one, I’m going to cover … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , , , | Leave a comment

Protostar – Format Strings – Level 2

Hello everyone, Let’s continue working in Protostar exploit exercises 🙂 Next exercise says the following: And this is the code for this level 2: This time, the input is received in a different way: Let’s start as the past levels. … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , , , | Leave a comment

Protostar – Format Strings – Level 1

Let’s continue working in ProtoStar exploiting exercises. Let’s see how to solve the Format String level 1. As always, first let’s read the level description. Exercise: This level shows how format strings can be used to modify arbitrary memory locations. … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , , , | Leave a comment

Protostar – Format Strings – Level 0

Hello everyone! In this blog post I will cover the solution for the Exploiting exercise named ProtoStar that is related to Format String vulnerabilities. Let’s see the first level: Exercise 0: This level introduces format strings, and how attacker supplied … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , , , | Leave a comment