piątek, 31 stycznia 2020

From 0 to 0day - manual approach

Few weeks ago we talked about file format fuzzing. Today we will try to find the bug using only 'manual approach'. ;) Below you will find the details. Here we go...

niedziela, 26 stycznia 2020

Stack overflow for beginners - part 2

In the meantime I decided to check (again) some cases related to buffer overflow bugs we can find during CTF(s). This time we will talk about buffer overflows in x64 architecture. Few notes you'll find below. Here we go...

niedziela, 19 stycznia 2020

Me and My Girlfriend - CTF

Today I decided to try one of the latest CTFs from VulnHub called 'Me and My Girlfriend'. ;) Below you will find the details. Here we go...

piątek, 10 stycznia 2020

Shared Windows - quick pentest notes


Today I tried to prepare a short list for few ‘quick paths’ to escalate in Windows - from low-privileged user to the Admin (or NT AUTHORITY\SYSTEM). Below you will find the details. Here we go...

Hacker Fest 2019 CTF

Few days ago I decided to try some new CTF(s) available at VulnHub. This time I player "Hacker Fest 2019" prepared by Martin Haller. Below you will find the details. Here we go...

niedziela, 5 stycznia 2020

Fax and Scan from Win7 to Win10

Last time I was doing some new little experiments with procmon.exe. In the meantime I decided to look around more deeper in c:\windows\system32 directory. Below you will find few details from the journey. Here we go...