-
Recent Posts
Recent Comments
- Vulnerability Summary for the Week of March 23, 2020 – Sentria on CVE-2020-10963 – Unrestricted File Upload in FrozenNode/Laravel-Administrator
- Xavi on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Xavi on Shellcoding Linux x86 – Bind Shell TCP – Assignment 1
Archives
Categories
Meta
Category Archives: Exploiting
Fuzzing – Finding bugs using BooFuzz (2/3)
As a continuation of these Fuzzing series, we are going to fuzz a second application. This time we are going to look for vulnerabilities in HP NNM application that uses HTTP protocol. Specifically the ovas process is vulnerable to a … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, shellcode, x86
Leave a comment
Fuzzing – Finding bugs using BooFuzz (1/3)
Hello everyone, in this blog post I’m going to explain you a couple of basics concepts about fuzzing. Also I’m going to share with you some interesting resources, and finally I’m going to show how to create different Boofuzz templates … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, shellcode, x86
Leave a comment
Encoded Backdoor inside a Windows Binary – AV Evasion
The purpose of this post is to show you how you can encode a common shellcode using a custom encoder and embed it inside a Windows file. The main reason to do that is to try to avoid AV detection. … Continue reading
Posted in Exploiting
Tagged antivirus, Assembly, av bypass, av evasion, backdoor, exploit-db, exploiting, hacking, shellcode, shellcoding, windows, x86
Leave a comment
Backdoor inside a Windows Binary
Hello everyone! In this post I’m going to explain how to backdoor a Windows binary with a reverse shell, but feel free to use the shellcode that you prefer. I’ve chosen FileZilla FTP server version 3.8.0 for this example. The … Continue reading
Posted in Exploiting
Tagged Assembly, backdoor, exploit-db, exploiting, hacking, shellcode, shellcoding, windows, x86
Leave a comment
Shellcoding Linux x86 – Custom Crypter – Assignment 7
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 Before start this assignment, I have to say that this certification supposed some months of hard work but it’s completely … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Shellcoding Linux x86 – Polymorphic versions of known shellcodes – Assignment 6
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 For this assignment I have to modify three known shellcodes from Shell-Storm and create polymorphic versions of them. I’m going … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Shellcoding Linux x86 – Analyzing 3rd party shellcode – Assignment 5
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 The assignment requests to analyze three shellcodes, during the statement Vivek name three tools, so I’m going to analyze the … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Shellcoding Linux x86 – Custom Encoder – Assignment 4
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 I’m going to create a custom encoder/decoder to modify an original shellcode and after recover it and execute it. The … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Shellcoding Linux x86 – Egg Hunter – Assignment 3
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 Egg hunter is a type of shell code that is basically a two stages payload. The first stage searches for … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Shellcoding Linux x86 – Reverse Shell TCP – Assignment 2
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 Code structure: 1. Create a socket 2. Connect to a IP and port 3. Redirect STDIN, STDOUT and STDERR to … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment