Mar 6, 2018 | Exploit, HowTo
This is a short usage guide which should explain my simple wrapper for the spike fuzzer, which you can find here. For this example i used the well known vulnserver 😉 0x01 Determine possible commands A simple nc && HELP command revealing all possible commands....
Feb 20, 2018 | CVE, Schwachstelle
Vulnerable Software FTP-Server 8.0f(g) Vulnerability Local Buffer Overflow (SEH protected)-> Code Execution Time Line 24.01.2018 Vendor informed 30.01.2018 Vendor reminded 12.02.2018 Software patched 20.02.2018 Vulnerability Disclose Description The free...
Feb 20, 2018 | Zertifizierungen
As promised on Twitter here is my OSCE review. You can read my time line from before course enrolling until the end of the exam here. So, let’s go. Stage_0: Preparation just before enrolling! First, I read a ton of other reviews to get an idea about the course...
Oct 9, 2017 | Zertifizierungen
Ready for the next level? – Method to exploit software even with small space for shellcode: EggHunting The third task was: Build an eggHunter-shellcode and a PoC to check functionality. After some googling i found a very interesting paper, which explains...