SLAE Assignment #2 | TCP Reverse_Shell

Welcome back to my second post for the SLAE certification. Today we are going to build a reverse_shell shellcode and again you can find the files here. This task is very similar to the first one, so i dont have to look up new/more information. Lets switch some...

SLAE Assignment #5 | Analyze Metasploit Payloads

Got time to read? This tasks was a bigger one. We have to pick 3 random metasploit payloads and analyze their shellcode. After building bind and reverse shell in the first two posts i chose the following (check all files on my github account): Exec whoami Readfile...

SLAE Assignment #3 | x86 EggHunting

Ready for the next level? – Method to exploit software even with small space for shellcode: EggHunting The third task was: Build an eggHunter-shellcode and a PoC to check functionality. After some googling i found a very interesting paper, which explains...

SLAE Assignment #4 | Custom Shellcode Encoder

Hey ho, it’s time for some low-level shellcode encoding. After going through the encoder examples of the SLAE material I build a custom one, which you can find here. At first I wrote a little python script which takes every single byte of a given shellcode and...

HowTo: ExploitDev Fuzzing

This is a short usage guide which should explain my simple wrapper for the spike fuzzer, which you can find here. For this example i used the well known vulnserver;-) 0x01 Determine possible commands A simple nc && HELP command revealing all possible commands....