-
Recent Posts
- CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Death Note
- CTF Binary Exploitation – Cyber Apocalypse 2024: Hacker Royale – Pet Companion
- Shellcode – Windows/x86 – Create Administrator User – Dynamic PEB & EDT
- Creating your own AMSI Bypass using Powershell Reflection Technique
- Linux Shared Library Hijacking
Recent Comments
- Xavi on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Merrell Vineza on Exploit Development – Vulnserver TRUN – JMP EAX
- Xavi on Shellcoding Linux x86 – Bind Shell TCP – Assignment 1
- junsec on Shellcoding Linux x86 – Bind Shell TCP – Assignment 1
Archives
Categories
Meta
Tag Archives: Assembly
Exploit Development – Vulnserver KSTET – Egghunter 2
Hello everyone, This post is an alternative way to crack Vulnserver using KSTET command. To understand what I’m going to show in you here and how you can exploit this specific method you need to read the last post of … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, OSCE exam, shellcode, vulnserver, x86
Leave a comment
Exploit Development – Vulnserver KSTET – Egghunter 1
Hello everyone! This is going to be the second post of the series of Vulnserver. This post will cover the exploitation of vulnserver using the KSTET function This one is a bit more difficult than TRUN, that was the one … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, OSCE exam, shellcode, vulnserver, x86
Leave a comment
Exploit Development – Vulnserver TRUN – JMP EAX
Hello everyone, this post is the first of a series that I’m going to dedicate to Exploit Development. Right now I just finished the OSCE certification labs and I’m preparing the exam. I think that is a good idea to … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, OSCE exam, shellcode, vulnserver, x86
3 Comments
Fuzzing – Finding bugs using BooFuzz (3/3)
For this last blog post of the Fuzzing series I chose to fuzz Vulnserver. Vulnserver is a Windows based threaded TCP server application that is designed to be exploited. The program is intended to be used as a learning tool … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, shellcode, x86
Leave a comment
Fuzzing – Finding bugs using BooFuzz (2/3)
As a continuation of these Fuzzing series, we are going to fuzz a second application. This time we are going to look for vulnerabilities in HP NNM application that uses HTTP protocol. Specifically the ovas process is vulnerable to a … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, shellcode, x86
Leave a comment
Fuzzing – Finding bugs using BooFuzz (1/3)
Hello everyone, in this blog post I’m going to explain you a couple of basics concepts about fuzzing. Also I’m going to share with you some interesting resources, and finally I’m going to show how to create different Boofuzz templates … Continue reading
Posted in Exploiting
Tagged Assembly, Boofuzz, exploit development, Fuzzing, hacking, OSCE, shellcode, x86
Leave a comment
Encoded Backdoor inside a Windows Binary – AV Evasion
The purpose of this post is to show you how you can encode a common shellcode using a custom encoder and embed it inside a Windows file. The main reason to do that is to try to avoid AV detection. … Continue reading
Posted in Exploiting
Tagged antivirus, Assembly, av bypass, av evasion, backdoor, exploit-db, exploiting, hacking, shellcode, shellcoding, windows, x86
Leave a comment
Backdoor inside a Windows Binary
Hello everyone! In this post I’m going to explain how to backdoor a Windows binary with a reverse shell, but feel free to use the shellcode that you prefer. I’ve chosen FileZilla FTP server version 3.8.0 for this example. The … Continue reading
Posted in Exploiting
Tagged Assembly, backdoor, exploit-db, exploiting, hacking, shellcode, shellcoding, windows, x86
Leave a comment
Shellcoding Linux x86 – Custom Crypter – Assignment 7
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 Before start this assignment, I have to say that this certification supposed some months of hard work but it’s completely … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment
Shellcoding Linux x86 – Polymorphic versions of known shellcodes – Assignment 6
This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 For this assignment I have to modify three known shellcodes from Shell-Storm and create polymorphic versions of them. I’m going … Continue reading
Posted in Exploiting
Tagged Assembly, exploit-db, exploiting, hacking, linux, shellcode, shellcoding, SLAE, x86
Leave a comment