Oz - Hack The Box
This blog post is a writeup of the Oz machine from Hack the Box.
hackthebox linux sqli ssti containers
Recent Posts
Mischief - Hack The Box
This blog post is a writeup of the Mischief machine from Hack the Box using the unintended LXC container privesc method.
hackthebox linux lxc containers unintendedWaldo - Hack The Box
Linux / 10.10.10.87
hackthebox linux capabilities phpCreating a custom shellcode crypter
For this last SLAE assignment, I’ve created a custom shellcode crypter using the Salsa20 stream cipher. Salsa20 is a family of 256-bit stream ciphers designed in 2005 and submitted to eSTREAM, the ECRYPT Stream Cipher Project.
slae assembly crypter goPolymorphic Linux Shellcode
This blog post shows 3 polymorphic variants of common shellcodes found on shell-storm.org.
slae assembly polymorphicActive - Hack The Box
Windows / 10.10.10.100
hackthebox kerberos adHawk - Hack The Box
Linux / 10.10.10.102
hackthebox drupalMsfvenom shellcode analysis
This blog post provides an analysis of various common shellcodes generated by the msfvenom utility which is part of Metasploit.
slae assembly encodingSmasher - Hack The Box
Linux / 10.10.10.89
hackthebox binary exploitCustom shellcode encoder
A shellcode encoder can be used for different purposes such as modify an existing shellcode to make it harder to detect by AV engines or simply avoid bad characters (such as null-bytes).
slae assembly encoding