
A typical reverse/bind shellcode will not work when it comes to Windows kernel exploitation; most of the time, people instead null out ACLs, enable privileges, or replace the process token.


While playing some pwn in HackZone CTF, I figured out a new technique for arbitrary code execution using only the read function from libc.


CVE-2019-18276 - Suidbash
28 November 2019

This exploit was initially based on an older vulnerability from back in 1999 (suidperl). Now, 20 years later, in 2019, we find the same vulnerability in bash (CVE-2019-18276), which was discovered by Ian Pudney.


Memcached Enumeration
4 February 2019

A server cache is an information technology for the temporary storage of data, to reduce server lag. I find a lot of those technologies in my daily work while doing penetration testing. Memcached is one of them, and I’d like to talk about it and how to extract information from it.


Sigreturn-oriented programming (SROP) is an exploit development technique used to execute code; this attack employs the same basic assumptions behind the return-oriented programming (ROP) technique.
