-
This tutorial is part two of a two part series that focuses on binary exploitation, in particular on x86 stack-based Windows buffer overflows. The first part of the series focuses on the theory behind the topics that will be described in this tutorial, and can be found here. The information provided in this blog is …
Read More -
This tutorial is part one of a two part series that focuses on binary exploitation, in particular on x86 stack-based Windows buffer overflows. This part of the series focuses on the theory behind memory, processors and buffer overflows. We first take a look at some simple c programs and assembly, then dive into the …
Read More -
Today we will be taking a look at "Shibboleth" from Hack the Box. To get get a foothold onto the box we first exploit the vulnerable-by-design IPMI protocol to obtain an administrator hash for Zabbix, and crack it. Through Zabbix we can execute local commands and obtain a shell. We can then use a recent …
Read More -
Welcome to my walkthrough for the "Backdoor" machine from Hack The Box. Backdoor is considered to be an easy box. We get a foothold onto the box through the exploitation of a vulnerable web service running at an unusual port. We can then escalate privileges through a screen session that was still open, which …
Read More -
This post is based on the notes and cheatsheets I wrote while studying for the Offensive Security Certified Professional (OSCP) exam, and can be used as a brief reference while looking for basic Windows privilege escalation methods. The contents of this blog originate from the “Windows Privilege Escalation for OSCP …
Read More -
This post is based on the notes and cheatsheets I wrote while studying for the Offensive Security Certified Professional (OSCP) exam, and can be used as a brief reference while looking for basic Linux privilege escalation methods. The contents of this blog originate from the "Linux Privilege Escalation for OSCP …
Read More