Vulndev


Home

xct, 2021-09-10T07:02:29+00:00

July 2, 2022

Windows Kernel Exploitation – HEVD x64 Stackoverflow

xct, 2022-07-02T12:41:58+00:00

After setting up our debugging environment, we will look at HEVD for a few posts before diving into real-world scenarios. HEVD is an awesome, intentionally vulnerable driver by HackSysTeam that allows exploiting a lot of different kernel vulnerability types. I think this one is great to get started because...

By xct | Binary Exploitation | binary exploitation, kernel exploit, windows
July 1, 2022

Windows Kernel Exploitation – VM Setup

xct, 2022-07-01T10:07:01+00:00

In this series about Windows kernel exploitation, we will explore various kernel exploit techniques & targets. This short first part will deal with the VM setup for the rest of the series.

By xct | Binary Exploitation | binary exploitation, kernel exploit, windows
June 14, 2022

Bypassing DEP with VirtualProtect (x86)

xct, 2022-06-14T19:15:39+00:00

In the last post we explored how to exploit the rainbow2.exe binary from the vulnbins repository using WriteProcessMemory & the "skeleton" method. Now we are going to explore how to use VirtualProtect and instead of setting up the arguments on the stack with dummy values and then replacing them, we...

By xct | Binary Exploitation | aslr, binary exploitation, dep, gs, virtualprotect, windows
June 12, 2022

Bypassing DEP with WriteProcessMemory (x86)

xct, 2022-06-14T19:12:46+00:00

In this post I will show an example of how to bypass DEP with WriteProcessMemory. This is a bit more complicated than doing it with VirtualProtect, but nonetheless an interesting technical challenge. For the target binary I will use rainbow2.exe from my vulnbins repository.

By xct | Binary Exploitation | aslr, binary exploitation, dep, gs, windows, writeprocessmemory
January 29, 2022

ASP, Windows Containers, Responder & NoPAC – Anubis @ HackTheBox

xct, 2022-06-14T08:23:04+00:00

We are solving Anubis, a 50-point Windows machine on HackTheBox which involves an ASP template injection, Windows containers, and stealing hashes with Responder. Later we'll escalate privileges using noPAC.

By xct | CTF | active directory, asp, hackthebox, responder, windows
January 22, 2022

SSRF & Python Debugger – Forge @ HackTheBox

xct, 2022-06-14T08:30:23+00:00

We are solving Forge, a medium-difficulty Linux machine on HackTheBox which involves an SSRF & playing with the Python debugger.

By xct | CTF | hackthebox, linux, pdb, ssrf

Categories

  • Binary Exploitation (4)
  • CTF (106)
  • Fuzzing (3)
  • Tools (1)
  • Vulnerability (2)
  • Vulnlab (4)
  • Windows Internals (2)


Tags

active directory binary exploitation bloodhound command injection cronjob crypto cve dcsync deserialization docker domain trust dynamorio electron hackthebox ipv6 jwt kernel exploit laps ldap lfi linux metasploit openbsd password cracking password spraying path hijacking pg practice php potato powershell redis responder reversing rop seimpersonate service sql injection SQL Server stack overflow sudo tryhackme vulnlab web windows xss

Contact

  • Email: xct@vulndev.io

© Copyright 2021. All Rights Reserved.