Collaborate Disseminate
i am new to assembly and was just doing an exercise from the uni programming course. I tried to make to pivot the esp to new values with the instruction xchg eax, esp but i get eip=00000000 afterwards. what am i doing wrong?
Continue reading i get a NULL EIP when i do stack pivot with xchg eax, esp
i am new to assembly and was just doing an exercise from the uni programming course. I tried to make to pivot the esp to new values with the instruction xchg eax, esp but i get eip=00000000 afterwards. what am i doing wrong?
Continue reading i get a NULL EIP when i do stack pivot with xchg eax, esp
I am studying pivoting and I had a question related to double pivoting.
Reading various blogs, I read that it is a common (but not always used) practice to define two entries in the /etc/proxychains.conf file when performing double pivotin… Continue reading Double pivoting – proxychains.conf – why should I use 2 entries?
In a CTF, I want to attack a Bluekeep vulnerable machine over the internet using metasploit, but the problem is my Kali machine (attacker) is not exposed to the internet, so the vulnerable machine cannot send me back a reverse shell.
So I … Continue reading Pivoting over internet [closed]
When doing black-box vulnerability assessment (with permission of course) of a subdomain of a website, the first step is enumeration; and the first step of that is finding IP of the subdomain.
If you find this IP, and then upon performing … Continue reading In case of multiple websites using a single IP, and we have been asked to perform vulnerability assessment to ensure its security, how many to target
During a pentest I used to move laterally between Active Directory workstations using psexec or remote service creation techniques.
But this is the first time that I have had to conduct a pentest of a small organisation with 20-25 computer… Continue reading Is there a technique for lateral movement in a non Active Directory network? [closed]
I have a networking routing problem which I am unable to find a solution for:
I have a first machine, 192.168.51.103 (Windows), which is linked to subnet 172.16.51.0/24. To access this subnet, I first compromised 192.168.51.103 and then us… Continue reading How to double hop pivot?
I have a PCAP basically stating two things:
An ARP request who has 192.168.a.b? Tell 192.168.b.c
An ARP answer with the MAC address follows of course.
The following requests all access an web app, which seems to be .php based (I can judg… Continue reading How do I reach the "remote" web app using IP routing? [closed]
Could I access in a lab with pivoting from a subdomain to the main domain or is it only possible doing the opposite?
Main domain –> subdomain 1
I will try to use other tools to pivot like Chisel and SSHL.
Continue reading Pivoting from subdomain to the main domain [closed]
I am using a public wifi network.
When I start a nodejs express server at my local system at port 3000, I can access that website on another device (that is connected to the same public wifi network) by going to the http://(private ip addr… Continue reading Can attacker gain access to my private network application through pivoting and/or lateral movement?