Blog

Your blog category

Stack Overflows for Beginners — Level 5

Welcome again to the Stack Overflows for Beginners series! In this post, we continue with the Level 5 binary and work on exploiting it to get the next flag — this time, with a twist: we’re going for a root shell! We’ll build on the skills developed in previous levels — identifying overflow points, calculating the EIP offset, controlling […]

binary exploitation, buffer overflow, exploit development, gdb, gets, msfvenom, PrependSetuid, privilege escalation, reverse engineering, setresuid, setreuid, setuid, stack overflow, VulnHub

Stack Overflows for Beginners — Level 4

Welcome again to the Stack Overflows for Beginners series! In this post, we continue with the Level 4 binary and work on exploiting it to get the next flag. We’ll continue exploiting buffer overflows, but this time, we’ll move toward achieving reliable reverse shell access by chaining key exploitation techniques. If you haven’t read the first part yet, I recommend […]

binary exploitation, buffer overflow, call esp, exploit development, gdb, reverse engineering, reverse shell, stack overflow, strcpy, VulnHub

Linux Usermode Exploitation 101

Introduction The aim of this course is to train students in the fundamentals of Linux usermode exploitation. You will learn how stack memory works, how buffer overflows happen, and how attackers can take control of a vulnerable program. By the end of the series, you’ll be able to analyze simple C programs, identify memory corruption […]

Stack Overflows for Beginners — Level 3

Welcome again to the Stack Overflows for Beginners series! In this post, we continue with the Level 3 binary and work on exploiting it to get the next flag. This time, we’re dealing with a binary that uses the unsafe strcpy function, making it vulnerable to buffer overflows. We’ll exploit this vulnerability, carefully navigating through memory to gain control over execution […]

binary exploitation, buffer overflow, exploit development, gdb, reverse engineering, stack overflow, strcpy, VulnHub

Stack Overflows for Beginners — Level 2

Welcome again to the Stack Overflows for Beginners series! In this post, we continue with the Level 2 binary and work on exploiting it to get the next flag. The Level 2 challenge introduces a classic technique called Return-to-Function (ret2func) — where instead of injecting shellcode, we redirect the program’s control flow to an already existing function in the binary to […]

binary exploitation, buffer overflow, exploit development, gdb, ret2func, reverse engineering, stack overflow, strcpy, VulnHub

Stack Overflows for Beginners — Level 1

In this post, we’ll explore the fundamentals of exploiting stack-based buffer overflows using the “Stack Overflows for Beginners: 1.0.1” challenges from VulnHub. We’ll walk through analyzing the source code, understanding how memory works, and using tools like gdb to manipulate program execution — all without needing advanced knowledge. These challenges are great for learning stack-based buffer overflows, especially […]

binary exploitation, buffer overflow, exploit development, gdb, reverse engineering, stack overflow, strcpy, VulnHub

Walkthrough: Analyzing BXAQ Spyware

Summary The BXAQ (MobileHunter) application, used by Chinese authorities for surveillance purposes, poses significant privacy and security risks to users. This mobile penetration test aimed to identify and evaluate these risks by analyzing the application’s behavior and potential vulnerabilities. The assessment revealed that the application collects a wide array of personal data, including calendar entries, […]

bxaq, bxnq, malware analysis, mobilehunter, penetration testing, spyware

Walkthrough: Config Editor app in Android

Affected Product Config Editor Affected version 1.0 CVE ID N/A Vulnerability Type Remote Code Execution Type MOBILEAPPS DescriptionCVE-2022-1471 identifies a critical unsafe deserialization vulnerability within the SnakeYaml library for Java. This vulnerability arises from the Constructor class’s failure to adequately restrict the types of objects that can be deserialized. Consequently, attackers can craft malicious YAML […]

android, CVE-2022-1471, mobile

Sci-Fi Notes: The Dice: Afterlife

By Ramil Mustafayev The story takes place in a future where humans have established a colony on a new planet called Cygnus-X1. Society struggles with poverty, injustice and violence, and the rulers struggle to maintain order. A team of brilliant scientists and engineers called the Brainwave Pioneers, led by Dr. Ava Mitchell, develop a groundbreaking technology […]

sci-fi

CVE-2023-37152: Online Art gallery project 1.0 – Arbitrary File Upload (Unauthenticated)

Affected Product Online Art gallery project Affected version 1.0 CVE ID CVE-2023-37152 Vulnerability Type Arbitrary File Upload (Unauthenticated) Type WEBAPPS Description Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Due to the absence of an authentication mechanism and inadequate file validation, attackers can upload malicious files, […]

CVE-2023-37152