In a previous post, Vulnserver KSTET Egg Hunter, we looked at how we can use an egghunter to obtain code execution within a larger chunk of memory. In this post, we will look at the KSTET Socket re-use WS2_32.dll recv() function and how we can...
During my OSCP study, I went down the Buffer Overflow rabbit hole and found myself going a bit further than needed. I found out I really freaking like binary exploitation! Today, I am going to talk about Egg Hunters. Egg Hunters are used when we...
This is another FTP Remote Buffer Overflow that is not as simple as the FreeFTP BOF example from the last post. The major difference is that we will use the Structured Exception Handler (SEH) to direct program flow since we cannot overflow the EIP register...
60 Days of OSCP labs have come and gone. That was fast and honestly, probably not enough time. I made it through the entire PDF and was able to compromise several machines on the OSCP lab network but I might end up purchasing another 15-30...