-
The Timing machine on HTB has some interesting web exploitation paths that reminded me of the OSCP and OSWE course labs. The intended path involves a Local File Inclusion (LFI) vulnerability combined with a File Upload function...
-
The Address Resolution Protocol (ARP) is an essential part of the TCP/IP protocol suite and will remain in common use as long as IPv4 sticks around. It is a very simple protocol and fun to hack with....
-
This third part of our Vulnserver series looks rather easy at first. The buffer overflow can be done without any fuzzing. But once we look at the stack we find our input bytes have been...
-
In the second part of our Vulnserver series we encounter a SEH-based buffer overflow. SEH stands for Structured Exception Handling. The exploitation process is sligthly different...
-
In this first part of our Vulnserver series we will take a look at the TRUN command. It offers a very simple Stack-based Buffer Overflow with a little bit of fuzzing...
-
Vulnserver is a vulnerable TCP socket server written in C. You can use it to practise Windows x86 stack based buffer overflows. The server application offers several different buffer overflows for you to exploit...
-
A sniffer allows you to intercept, log and analyze network traffic. In this tutorial we will build one from scratch in python3, using only standard libraries...
-
PyInstaller allows you to create stand-alone binaries that run on machines that do not have Python installed. On Linux it will create an executable ELF binary. On Windows...