Access @ HackTheBox

In this short writeup I will show how I completed Access on, a quite easy windows box that involves parsing credentials from ms office files, converting mail formats and accessing saved windows credentials.

Zipper @ HackTheBox

This post is a walkthrough of Zipper, an interesting machine on featuring the zabbix network monitoring application. It involves the application of known zabbix exploits, manipulation of database entries and light custom exploitation of a privileged binary.

Ypuffy @ HackTheBox

Ypuffy is a rather unique machine on because it features OpenBSD as operating system. In my version of getting root it didn't matter too much unfortunately because a public kernel exploit gave root quite easily. Ypuffy features ldap and smb enumeration and then application of public exploit for OpenBSD.

Exploiting LimeSurvey

LimeSurvey is a widely used open source application that allows it to create surveys with various features. For this post I will use LimeSurvey Version 2.72.3+171020 which contains a known vulnerability and use it together with 2 yet unknown vulnerabilities to achieve code execution. The first step of the exploit...

Code coverage with DynamoRIO

DynamoRIO comes with a handy tool to generate code coverage data for any program. To generate the data we need to use drrun with the drcov client. For this post we will generate coverage data for a simple example program. When choosing a target program it's best to have the...