SLAE Assignment #5 | Analyze Metasploit Payloads

Got time to read? This task was a bigger one. We have to pick 3 random Metasploit payloads and analyze their shellcode. After building bind and reverse shell in the first two posts I chose the following (check all files on my GitHub account): Exec whoami Readfile...

SLAE Assignment #2 | TCP Reverse_Shell

Welcome back to my second post for the SLAE certification. Today we are going to build a reverse_shell shellcode and again you can find the files here. This task is very similar to the first one, so I don't have to look up new/more information. Let's switch some...

SLAE Assignment #3 | x86 EggHunting

Ready for the next level? – Method to exploit software even with small space for shellcode: EggHunting. The third task was: Build an eggHunter-shellcode and a PoC to check functionality. After some googling I found a very interesting paper, which explains...

SLAE Assignment #4 | Custom Shellcode Encoder

Hey ho, it’s time for some low-level shellcode encoding. After going through the encoder examples of the SLAE material I built a custom one, which you can find here. At first I wrote a little Python script which takes every single byte of a given shellcode and...

HowTo: ExploitDev Fuzzing

This is a short usage guide which should explain my simple wrapper for the SPIKE fuzzer, which you can find here. For this example I used the well known vulnserver ;-) 0x01 Determine possible commands: A simple nc && HELP command revealing all possible commands....