Tag Archives: exploit development

MobaXterm Buffer Overflow – Malicious Sessions File import

Hello! In this blog post I will talk about the exploitation of a vulnerability that I discovered in August 2019 in the MobaXterm application. MobaXterm is a well-known remote administration tool that is used in many companies or in …

Posted in Exploiting

SEH based local Buffer Overflow – DameWare Remote Support

Hello everyone! In this blog post I’m going to talk about a vulnerability that I detected in July 2019 in DameWare Remote Support V. 12.1.0.34. DameWare is a well-known remote administration tool that allows a user to connect to …

Posted in Exploiting

Exploit Development – Vulnserver HTER – Hex conversion

Hello! One more Vulnserver write-up. This one is the HTER function; it has some similarities with its brother LTER. LTER converted the buffer to Unicode, and HTER is going to convert it to hexadecimal. Let’s see what happens when this …

Posted in Exploiting

Exploit Development – Vulnserver LTER – Unicode conversion

Hello! One more blog post about Vulnserver; this time let’s do the LTER exercise. It’s not a difficult one, but it has an important thing that we should understand when we are using alphanumeric encoders. As always, we start the fuzzing …

Posted in Exploiting

Exploit Development – Vulnserver GMON – Egghunter

Hello everyone! This post is going to be another write-up of Vulnserver. I’m going to do the GMON exercise, which basically contains a standard SEH-based remote buffer overflow vulnerability. I will try to make this post useful for anyone that …

Posted in Exploiting

CVE-2018-12897 – Exploit Development – SolarWinds DameWare Local Buffer Overflow

Hello everyone! Last week I had fun trying to create exploits for already discovered vulnerabilities. I’m currently preparing for the OSCE exam, and I decided that after doing some Vulnserver exercises… I needed to start working on “more realistic” exploits. …

Posted in Exploiting

Exploit Development – Vulnserver KSTET – Egghunter 2

Hello everyone, this post is an alternative way to crack Vulnserver using the KSTET command. To understand what I’m going to show you here and how you can exploit this specific method, you need to read the last post of …

Posted in Exploiting

Exploit Development – Vulnserver KSTET – Egghunter 1

Hello everyone! This is going to be the second post of the Vulnserver series. This post will cover the exploitation of Vulnserver using the KSTET function. This one is a bit more difficult than TRUN, which was the one …

Posted in Exploiting

Exploit Development – Vulnserver TRUN – JMP EAX

Hello everyone, this post is the first of a series that I’m going to dedicate to Exploit Development. Right now I just finished the OSCE certification labs and I’m preparing for the exam. I think that it is a good idea to …

Posted in Exploiting

Fuzzing – Finding bugs using BooFuzz (3/3)

For this last blog post of the Fuzzing series I chose to fuzz Vulnserver. Vulnserver is a Windows-based threaded TCP server application that is designed to be exploited. The program is intended to be used as a learning tool …

Posted in Exploiting