Hi everyone! This post is on b01lers CTF 2022’s pwn challenges which was held on 23/4 – 24/4. The pwn challenges are on using gets() and overflow to bypass strcmp() as well as string format attack to leak the flag located in heap memory. Let’s get started! 1. gambler_overflow Feeling luuuuuuuucky? You must create a flag.txt […]
Hi everyone! This post is on picoCTF 2022 write-up for binary exploitation that was held from 16th March 2022 to 30th Mar 2022. In this CTF, there are buffer overflow, on stack shellcode execution, format string attack, function overwrite, C programming array out of bound (OOB) arbilitary write, stack cache, and vulnerable string check. Let’s […]
There is no excerpt because this is a protected post.
There is no excerpt because this is a protected post.
There is no excerpt because this is a protected post.
There is no excerpt because this is a protected post.
There is no excerpt because this is a protected post.
There is no excerpt because this is a protected post.
Hi everyone! Today’s write-up is on Pandora, an easy GNU/Linux machine released on 10th January 2022. I won’t say the machine is easy if you are those who build the SQL injection exploit from scratch. Someone actually build the PoC exploit for an old CVE recently for this HackTheBox challenge so I leached on it. […]
Hi everyone! Today’s post is on a TryHackMe challenge on Attacktive Directory that will introduce to u Kerberos user enumeration using Kerbrute on Domain Controller (DC), AS-REP Roasting using GetNPUsers on DC, Hashcat to crack Kerberos hashes, dumping password hashes from DC, and using Evil-WinRM to access the DC. Let’s get started! 1. Deploy the […]
Lamecarrot 
You must be logged in to post a comment.