Author Archives: Xavi

Shellcoding Linux x86 STACK technique (3/3)

Posted on March 25, 2019 by Xavi

Hello, in this post I will explain how to use execve syscall in a shellcode using the stack technique, the purpose of this shellcode is the same as the last shellcode from the previous post. As I told you in … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Shellcoding Linux x86 JMP-CALL-POP technique (2/3)

Posted on March 24, 2019 by Xavi

Following the last article content, we are going to pop a shell instead of printing Hello World in the screen. To do this we are going to use the Execve syscall. This syscall allows us to execute a new program … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Shellcoding Linux x86 JMP-CALL-POP technique (1/3)

Posted on March 23, 2019 by Xavi

Currently I’m studying SLAE certification of Pentester Academy and I found a really interesting video that explained this technique. I’m going to follow the course instructions step by step and try to explain it here the best as I can. … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Introduction to Assembly

Posted on February 23, 2019 by Xavi

In this article I’m going to write a quick introduction to intel x86 assembly language. We are going to create a program, that is going to print a sentence in the screen. Before starting programming, we need to know a … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

SQL Injection 4

Posted on October 28, 2018 by Xavi

Time to move on to time-based SQLi.   Time based SQLi The process is almost the same as boolean-based. The thing that changes is the way to identify a true condition. Let’s visit level 9 of sqlilabs. The way to … Continue reading

Posted in Hacking Web | Tagged , , , , | Leave a comment

SQL Injection 3

Posted on October 28, 2018 by Xavi

In this article I’m going to explain step by step how you can extract information of a database using a blind boolean based SQLi vulnerability.   Blind boolean based SQLi First of all we need to understand what a boolean … Continue reading

Posted in Hacking Web | Tagged , , , , | Leave a comment

SQL Injection 2

Posted on October 28, 2018 by Xavi

Let’s continue understanding SQL injections. This time we are going to focus on understanding how to exploit more complicated SQL injections manually.   Error/Doble Query To understand Error-based SQLi, we need to start doing lesson 5 and 6 of the … Continue reading

Posted in Hacking Web | Tagged , , , , | Leave a comment

SQL Injection 1

Posted on October 27, 2018 by Xavi

Introduction The purpose of this post is not to teach you how to exploit a SQL Injection vulnerability, if you are just looking for that, just google sqlmap. In this article I will try to explain to you how SQL … Continue reading

Posted in Hacking Web | Tagged , , , , | Leave a comment

How to learn to hack?

Posted on October 14, 2018 by Xavi

I guess everyone that works in Infosec world has heard these words: “How can I learn to hack?” or “What I need to learn to be a hacker?”. There are a lot of people that are curious and wants to … Continue reading

Posted in Miscellaneous | Tagged , , , , , | Leave a comment

Hello world!

Posted on October 13, 2018 by Xavi

Hello world! My name is Xavi 🙂 In may of 2016 I had my first Cyber Security job, but I started doing hacking stuff since I was really young. My best skills are related to Hacking, but I am also … Continue reading

Posted in Miscellaneous | Tagged , , , , | Leave a comment