-
Recent Posts
- CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Death Note
- CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Pet Companion
- Shellcode – Windows/x86 – Create Administrator User – Dynamic PEB & EDT
- Creating your own AMSI Bypass using Powershell Reflection Technique
- Linux Shared Library Hijacking
Recent Comments
- Xavi on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Xavi on Shellcoding Linux x86 – Bind Shell TCP – Assignment 1
- junsec on Shellcoding Linux x86 – Bind Shell TCP – Assignment 1
Archives
Categories
Meta
Tag Archives: Assembly
CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Death Note
Hello everyone! As I explained in the last blog entry, I have participated with my job teammates in a Hack the Box CTF, this is the link: https://www.hackthebox.com/events/cyber-apocalypse-2024 And this is the team that we were part of: https://ctftime.org/team/198916 This … Continue reading
Posted in Exploiting
Tagged Assembly, binary exploitation, CTF, exploit development, hack the box, shellcoding, x64
Leave a comment
CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Pet Companion
Hello everyone! Today I want to write a couple of write-ups of a CTF that we have participated with our work colleagues from Exness. As I’m trying to improve in binary exploitation topic I would like to document here some … Continue reading
Posted in Exploiting
Tagged Assembly, binary exploitation, CTF, exploit development, hack the box, shellcoding, x64
Leave a comment
Shellcode – Windows/x86 – Create Administrator User – Dynamic PEB & EDT
Hello everyone, Recently I’ve been learning about Windows x86 shellcoding and I decided to write a shellcode by my own. My idea was to write a shellcode that creates a new user and make it local administrator. You can find … Continue reading
Posted in Exploiting
Tagged administrator, Assembly, exploit development, exploiting, osed, shellcode, shellcoding, x86
Leave a comment
Creating your own AMSI Bypass using Powershell Reflection Technique
Introduction Today I was reviewing one topic about AV Evasion and I was trying to understand how AMSI works and how we can interact with it. As a quick introduction, AMSI is the The Windows Antimalware Scan Interface, a interface … Continue reading
Protostar – Format Strings – Level 4
Hello everyone! This is the blog post for the level 4 format level of Protostar, that is the last one. This is the hint: And this is the code: Before I start, I have to say that I had no … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, CTF, exploit development, Format Strings, Fuzzing, GOT, hacking, OSCE, OSCE exam, ProtoStar, SEH, shellcode, x86
Leave a comment
Protostar – Format Strings – Level 3
This is another post about Protostar exploiting box. Let’s start working in the interesting levels 🙂 This is the hint for the level: And this is the code: As the level starts as the last one, I’m going to cover … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, CTF, exploit development, Format Strings, Fuzzing, hacking, OSCE, OSCE exam, ProtoStar, SEH, shellcode, x86
Leave a comment
Protostar – Format Strings – Level 2
Hello everyone, Let’s continue working in Protostar exploit exercises 🙂 Next exercise says the following: And this is the code for this level 2: This time, the input is received in a different way: Let’s start as the past levels. … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, CTF, exploit development, Format Strings, Fuzzing, hacking, OSCE, OSCE exam, ProtoStar, SEH, shellcode, x86
Leave a comment
Protostar – Format Strings – Level 1
Let’s continue working in ProtoStar exploiting exercises. Let’s see how to solve the Format String level 1. As always, first let’s read the level description. Exercise: This level shows how format strings can be used to modify arbitrary memory locations. … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, CTF, exploit development, Format Strings, Fuzzing, hacking, OSCE, OSCE exam, ProtoStar, SEH, shellcode, x86
Leave a comment
Protostar – Format Strings – Level 0
Hello everyone! In this blog post I will cover the solution for the Exploiting exercise named ProtoStar that is related to Format String vulnerabilities. Let’s see the first level: Exercise 0: This level introduces format strings, and how attacker supplied … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, CTF, exploit development, Format Strings, Fuzzing, hacking, OSCE, OSCE exam, ProtoStar, SEH, shellcode, x86
Leave a comment
Introduction to Format Strings Bugs
Format strings are the result of facilities for handling functions with variable arguments in the C programming language. Because it’s really C what makes format strings bugs possible, they affect every OS that has a C compiler. What is a … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, CTF, exploit development, Format Strings, Fuzzing, hacking, OSCE, OSCE exam, ProtoStar, SEH, shellcode, x86
Leave a comment