Windows Kernel Exploitation – Arbitrary Memory Mapping (x64)
In this post, we will develop an exploit for the HW driver. I picked this one because I looked for some real-life target to practice on and saw a post by Avast that mentioned vulnerabilities in an old version of this driver (Version 4.8.2 from 2015), that was used as...
SQLi, LFI to RCE and Unintended Privesc via XAMLX & Impersonation – StreamIO @ HackTheBox
Video & additional notes for StreamIO, a medium difficulty Windows machine on HackTheBox that involves manual MSSQL Injection, going from file inclusion to RCE and in this case getting the SeImpersonate privilege back to get SYSTEM via an EFS-based potato.
Browser Exploitation: Firefox OOB to RCE
In this post, we will exploit Midenios, a good introductory browser exploitation challenge that was originally used for the HackTheBox Business-CTF. I had some experience exploiting IE/Edge/Chrome before, but exploiting Firefox was mostly new to me.
Resource-Based Constrained Delegation – Resourced @ PG-Practice
Video & additional notes for Resourced, an intermediate difficulty Windows machine on PG-Practice that involves password spraying and an RBCD attack.
Active Directory, JEA & Random Stuff – Acute @ HackTheBox
Acute is a 40-point Active Directory Windows machine on HackTheBox. I'm going to use it to show some techniques which can be useful in other scenarios and keep it short on the things that are not that important.
Windows Kernel Exploitation – HEVD x64 Use-After-Free
This part will look at a Use-After-Free vulnerability in HEVD on Windows 11 x64.