MS08_067 exploit analysis – part II defeating DEP

Written by  on December 30, 2015

In the previous part of this case of study, we developed a valid exploit for the ms08_067 vulnerability. We used a windows xp sp2 box with the DEP feature[...]

MS08_067 exploit analysis – part I

Written by  on December 23, 2015

In this case of study we’ll look inside the MS08_067 vulnerability and write anĀ  effective exploit for exploiting it. MS08_67 is one of the most[...]

Uploading files to compromised systems

Written by  on October 21, 2015

The windows debug method Windows has a program called debug, this program can actually convert hex machine code to an executable or whatever. The windows[...]

LFI: beyond /proc/self/environ

Written by  on October 19, 2015

Let’s suppose that we have a simple php application. The web app has a login form and a small news system based on txt files. So a user can simple[...]

Windows bind shell universal shellcode

Written by  on September 26, 2015

.386 .model flat,stdcall .data .code start: assume fs:nothing ; ———————————————— ;[...]