Nov 20 2019

Vulnserver KSTET Socket Re-use

by Joshua
0 Comments
in assembly, buffer overflow, OSCE, Python

In a previous post, Vulnserver KSTET Egg Hunter, we looked at how we can use an egghunter to obtain code execution within a larger chunk of memory. In this post, we will look at the KSTET Socket re-use WS2_32.dll recv() function and how we can...

Nov 21 2018

Vulnserver KSTET Egg Hunter with Python3

by Joshua
1 Comment
in assembly, buffer overflow, egg hunter, Python, python3, Windows

During my OSCP study, I went down the Buffer Overflow rabbit hole and found myself going a bit further than needed. I found out I really freaking like binary exploitation! Today, I am going to talk about Egg Hunters. Egg Hunters are used when we...

Aug 28 2018

EasyFileSharing FTP SEH Buffer Overflow

by Joshua
0 Comments
in assembly, buffer overflow, OSCP, Python, SEH

This is another FTP Remote Buffer Overflow that is not as simple as the FreeFTP BOF example from the last post. The major difference is that we will use the Structured Exception Handler (SEH) to direct program flow since we cannot overflow the EIP register...

Aug 04 2018

Freefloat FTP Remote Buffer Overflow

by Joshua
0 Comments
in assembly, buffer overflow, Python, stack overflow, Tutorial, Windows

60 Days of OSCP labs have come and gone. That was fast and honestly, probably not enough time. I made it through the entire PDF and was able to compromise several machines on the OSCP lab network but I might end up purchasing another 15-30...
