Author Archives: Xavi

Exploit Development – Vulnserver GMON – Egghunter

Posted on July 19, 2019 by Xavi

Hello everyone! This post is going to be another write-up of vulnserver. I’m going to do GMON exercise that contains basically an standard SEH based Remote Buffer Overflow vulnerability. I will try to make this post useful for anyone that … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , | Leave a comment

CVE-2018-12897 – Exploit Development – SolarWinds DameWare Local Buffer Overflow

Posted on July 18, 2019 by Xavi

Hello everyone! Last week I’ve been having fun trying to create exploits for already discovered vulnerabilities. I’m currently preparing the OSCE exam, and I decided that after doing some Vulnserver exercises… I needed to start working on “more realistic” exploits. … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , | Leave a comment

Exploit Development – Vulnserver TRUN – Socket Reuse

Posted on July 8, 2019 by Xavi

Hello! This post is going to cover the exploitation of the TRUN method of Vulnserver using the socket reuse technique that I explained in the last entry of the Blog. This blog post is going to be straight forward, as … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Exploit Development – Vulnserver KSTET – Egghunter 2

Posted on June 26, 2019 by Xavi

Hello everyone, This post is an alternative way to crack Vulnserver using KSTET command. To understand what I’m going to show in you here and how you can exploit this specific method you need to read the last post of … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , | Leave a comment

Exploit Development – Vulnserver KSTET – Egghunter 1

Posted on June 26, 2019 by Xavi

Hello everyone! This is going to be the second post of the series of Vulnserver. This post will cover the exploitation of vulnserver using the KSTET function This one is a bit more difficult than TRUN, that was the one … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , | Leave a comment

Exploit Development – Vulnserver TRUN – JMP EAX

Posted on June 24, 2019 by Xavi

Hello everyone, this post is the first of a series that I’m going to dedicate to Exploit Development. Right now I just finished the OSCE certification labs and I’m preparing the exam. I think that is a good idea to … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , | 3 Comments

Fuzzing – Finding bugs using BooFuzz (3/3)

Posted on June 23, 2019 by Xavi

For this last blog post of the Fuzzing series I chose to fuzz Vulnserver. Vulnserver is a Windows based threaded TCP server application that is designed to be exploited. The program is intended to be used as a learning tool … Continue reading

Posted in Exploiting | Tagged , , , , , , , | Leave a comment

Fuzzing – Finding bugs using BooFuzz (2/3)

Posted on June 23, 2019 by Xavi

As a continuation of these Fuzzing series, we are going to fuzz a second application. This time we are going to look for vulnerabilities in HP NNM application that uses HTTP protocol. Specifically the ovas process is vulnerable to a … Continue reading

Posted in Exploiting | Tagged , , , , , , , | Leave a comment

Fuzzing – Finding bugs using BooFuzz (1/3)

Posted on June 23, 2019 by Xavi

Hello everyone, in this blog post I’m going to explain you a couple of basics concepts about fuzzing. Also I’m going to share with you some interesting resources, and finally I’m going to show how to create different Boofuzz templates … Continue reading

Posted in Exploiting | Tagged , , , , , , , | Leave a comment

Encoded Backdoor inside a Windows Binary – AV Evasion

Posted on June 2, 2019 by Xavi

The purpose of this post is to show you how you can encode a common shellcode using a custom encoder and embed it inside a Windows file. The main reason to do that is to try to avoid AV detection. … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , , | Leave a comment