Hackfest.ca CTF – Sedna

Written by  on March 21, 2017

Hi folks! Sorry for being a little bit idle these last months, now I’m back with more stuff. I found this box: https://www.vulnhub.com/entry/hackfest2016-sedna,181/[...]

MS08_067 exploit analysis – part II defeating DEP

Written by  on December 30, 2015

In the previous part of this case of study, we developed a valid exploit for the ms08_067 vulnerability. We used a windows xp sp2 box with the DEP feature[...]

MS08_067 exploit analysis – part I

Written by  on December 23, 2015

In this case of study we’ll look inside the MS08_067 vulnerability and write anĀ  effective exploit for exploiting it. MS08_67 is one of the most[...]

Uploading files to compromised systems

Written by  on October 21, 2015

The windows debug method Windows has a program called debug, this program can actually convert hex machine code to an executable or whatever. The windows[...]

LFI: beyond /proc/self/environ

Written by  on October 19, 2015

Let’s suppose that we have a simple php application. The web app has a login form and a small news system based on txt files. So a user can simple[...]