Active Directory, JEA & Random Stuff – Acute @ HackTheBox
xct2022-07-27T06:52:59+00:00Acute is a 40-point Active Directory Windows machine on HackTheBox. I'm going to use it to show some techniques which can be useful in other scenarios and keep it short on the things that are not that important.
Windows Kernel Exploitation – HEVD x64 Use-After-Free
xct2022-07-14T19:59:50+00:00This part will look at a Use-After-Free vulnerability in HEVD on Windows 11 x64.
Windows Kernel Exploitation – HEVD x64 Type Confusion
xct2022-07-15T05:25:22+00:00In the last post, we looked at a Stack Overflow in HEVD on Windows 11 x64, now are going to continue with a Type Confusion Vulnerability.
Windows Kernel Exploitation – HEVD x64 Stack Overflow
xct2022-07-10T11:52:15+00:00After setting up our debugging environment, we will look at HEVD for a few posts before diving into real-world scenarios. HEVD is an awesome, intentionally vulnerable driver by HackSysTeam that allows exploiting a lot of different kernel vulnerability types. I think this one is great to get started because...
Windows Kernel Exploitation – VM Setup
xct2022-07-10T10:07:31+00:00In this series about Windows kernel exploitation, we will explore various kernel exploit techniques & targets. This short first part will deal with the VM setup for the rest of the series.
Bypassing DEP with VirtualProtect (x86)
xct2022-07-12T06:15:05+00:00In the last post we explored how to exploit the rainbow2.exe binary from the vulnbins repository using WriteProcessMemory & the "skeleton" method. Now we are going to explore how to use VirtualProtect and instead of setting up the arguments on the stack with dummy values and then replacing them, we...