Vulndev

  • Home
  • Blog
  • Notes
  • About Me
  • Other
    • Machine List
    • Discord
    • Lab
  • Home
  • Blog
  • Notes
  • About Me
  • Other
    • Machine List
    • Discord
    • Lab

Home

xct2021-09-10T07:02:29+00:00
14JunJune 14, 2022

Bypassing DEP with VirtualProtect (x86)

xct2022-06-14T19:15:39+00:00

In the last post we explored how to exploit the rainbow2.exe binary from the vulnbins repository using WriteProcessMemory & the "skeleton" method. Now we are going to explore how to use VirtualProtect and instead of setting up the arguments on the stack with dummy values and then replacing them, we...

By xctWindows Binary Exploitationaslr, binary exploitation, dep, gs, virtualprotect, windows
Read more...
12JunJune 12, 2022

Bypassing DEP with WriteProcessMemory (x86)

xct2022-06-14T19:12:46+00:00

In this post I will show an example on how to bypass DEP with WriteProcessMemory. This is a bit more complicated than doing it with VirtualProtect but nonetheless an interesting technical challenge. For the target binary I will use rainbow2.exe from my vulnbins repository.

By xctWindows Binary Exploitationaslr, binary exploitation, dep, gs, windows, writeprocessmemory
Read more...
29JanJanuary 29, 2022

ASP, Windows Containers, Responder & NoPAC – Anubis @ HackTheBox

xct2022-06-14T08:23:04+00:00

We are solving Anubis, a 50-point windows machine on HackTheBox which involves an ASP template injection, windows containers, and stealing hashes with Responder. Later we'll escalate privileges using noPAC.

By xctCTFactive directory, asp, hackthebox, responder, windows
Read more...
22JanJanuary 22, 2022

SSRF & Python Debugger – Forge @ HackTheBox

xct2022-06-14T08:30:23+00:00

We are solving Forge, a medium difficulty Linux machine on HackTheBox which involves an SSRF & playing with the python debugger.

By xctCTFhackthebox, linux, pdb, ssrf
Read more...
19JanJanuary 19, 2022

Lab – Baby Walkthrough

xct2022-06-12T12:46:40+00:00

Baby is an easy machine on Vulnlab that involves enumerating LDAP & spraying credentials. For SYSTEM we exploit SeBackup & SeRestore Privileges.

By xctCTF, Vulnlabactive directory, ldap, vulnlab, windows
Read more...
16JanJanuary 16, 2022

Lab – Rainbow Walkthrough

xct2022-06-12T12:48:08+00:00

Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root.

By xctCTF, Vulnlabbinary exploitation, vulnlab, windows
Read more...
12…20Next  
Support me on Patreon!

Categories

  • CTF (106)
  • Fuzzing (3)
  • Tools (1)
  • Vulnerability (2)
  • Vulnlab (4)
  • Windows Binary Exploitation (2)
  • Windows Internals (2)

Latest Posts

Bypassing DEP with VirtualProtect (x86)
June 14, 2022
Bypassing DEP with WriteProcessMemory (x86)
June 12, 2022
ASP, Windows Containers, Responder & NoPAC – Anubis @ HackTheBox
January 29, 2022
SSRF & Python Debugger – Forge @ HackTheBox
January 22, 2022
Lab – Baby Walkthrough
January 19, 2022
Lab – Rainbow Walkthrough
January 16, 2022

Tags

active directory arbitrary file write aslr asrep-roasting binary exploitation bloodhound command injection crypto cve dcsync dep deserialization docker dynamorio ftp fuzzing hackthebox keepass ldap lfi linux metasploit obfuscation openbsd password cracking password spraying path hijacking pg practice phishing php port forwarding responder reversing rop seh buffer overflow seimpersonate sql injection ssrf sudo tryhackme tunneling vulnlab web windows xss

Contact

  • Email: xct@vulndev.io

Follow

Twitter Youtube Linkedin
© Copyright 2021. All Rights Reserved.