Tag Archives: x86

Exploit Development – Vulnserver TRUN – JMP EAX

Hello everyone, this post is the first of a series that I’m going to dedicate to Exploit Development. Right now I just finished the OSCE certification labs and I’m preparing the exam. I think that is a good idea to … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , | Leave a comment

Fuzzing – Finding bugs using BooFuzz (3/3)

For this last blog post of the Fuzzing series I chose to fuzz Vulnserver. Vulnserver is a Windows based threaded TCP server application that is designed to be exploited. The program is intended to be used as a learning tool … Continue reading

Posted in Exploiting | Tagged , , , , , , , | Leave a comment

Fuzzing – Finding bugs using BooFuzz (2/3)

As a continuation of these Fuzzing series, we are going to fuzz a second application. This time we are going to look for vulnerabilities in HP NNM application that uses HTTP protocol. Specifically the ovas process is vulnerable to a … Continue reading

Posted in Exploiting | Tagged , , , , , , , | Leave a comment

Fuzzing – Finding bugs using BooFuzz (1/3)

Hello everyone, in this blog post I’m going to explain you a couple of basics concepts about fuzzing. Also I’m going to share with you some interesting resources, and finally I’m going to show how to create different Boofuzz templates … Continue reading

Posted in Exploiting | Tagged , , , , , , , | Leave a comment

Encoded Backdoor inside a Windows Binary – AV Evasion

The purpose of this post is to show you how you can encode a common shellcode using a custom encoder and embed it inside a Windows file. The main reason to do that is to try to avoid AV detection. … Continue reading

Posted in Exploiting | Tagged , , , , , , , , , , , | Leave a comment

Backdoor inside a Windows Binary

Hello everyone!  In this post I’m going to explain how to backdoor a Windows binary with a reverse shell, but feel free to use the shellcode that you prefer. I’ve chosen FileZilla FTP server version 3.8.0 for this example. The … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Shellcoding Linux x86 – Custom Crypter – Assignment 7

This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 Before start this assignment, I have to say that this certification supposed some months of hard work but it’s completely … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Shellcoding Linux x86 – Polymorphic versions of known shellcodes – Assignment 6

This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 For this assignment I have to modify three known shellcodes from Shell-Storm and create polymorphic versions of them. I’m going … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Shellcoding Linux x86 – Analyzing 3rd party shellcode – Assignment 5

This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 The assignment requests to analyze three shellcodes, during the statement Vivek name three tools, so I’m going to analyze the … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment

Shellcoding Linux x86 – Custom Encoder – Assignment 4

This post has been created for completing the requirements of the Pentester Academy Linux Assembly Expert Certification. Student ID: PA-8535 I’m going to create a custom encoder/decoder to modify an original shellcode and after recover it and execute it. The … Continue reading

Posted in Exploiting | Tagged , , , , , , , , | Leave a comment