A thrilling ride through icy Whitehorse to sultry Montevideo, as we unmask more flaws in Lockitall’s feeble attempts to keep us out… And learn a thing or two about stack overflows and shellcode injection along the way.
Microcorruption - Part 1: New Orleans to Cusco
I’ve decided to take another crack at the microcorruption CTF and document my progress as some form of tutorial type thing. I also wanted to have a play around with ghidra and this seemed like a good candidate. Intro I’ve decided to take another crack at the microcorruption CTF and document my progress as some form of tutorial type thing; I also wanted to have a play around with ghidra and it seemed like a good candidate....
Hades: The Infernal
It has been a long time since I wrote anything here, but I’d been getting the itch again recently and I’d always planned on re-visting Hades to do a full writeup. Three years later, and here we are… Hades is a boot2root challenge created by Lok_Sigma with a heavy focus on binary exploitation and stack overflows. Service discovery using netdiscover and nmap, you know the drill… # netdiscover -i eth1 -p r 10....
Mr-Robot 1
Mr-Robot 1 is a boot2root challenge based on the Mr. Robot TV series, given I'd recently completed the Gibson challenged based on Hackers it seemed only reasonable to have a go at another challenge based on hacker-culture entertainment. root@kali:~# mkcd VulnHub/mrRobot root@kali:~/VulnHub/mrRobot# netdiscover -pr 10.1.11.0/24 Currently scanning: (passive) | Screen View: Unique Hosts 1 Captured ARP Req/Rep packets, from 1 hosts. Total size: 60 _____________________________________________________________________________ IP At MAC Address Count Len MAC Vendor / Hostname ----------------------------------------------------------------------------- 10....
Stapler 1 (Brute Force)
Stapler is a boot2root with multiple paths to shell and root, written by g0tmi1k. I found the simple brute force path the most obvious on the first play through but I think I will visit this one again. Discovery & Enumeration root@kali:~# mkcd VulnHub/Stapler root@kali:~/VulnHub/Stapler# netdiscover -pr 10.1.11.0/24 Currently scanning: (passive) | Screen View: Unique Hosts 1 Captured ARP Req/Rep packets, from 4 hosts. Total size: 60 _____________________________________________________________________________ IP At MAC Address Count Len MAC Vendor / Hostname ----------------------------------------------------------------------------- 10....
Gibson 0.2
Gibson is a boot2root created by Knightmare with a heavy 1988 Hackers theme; one of my favourite movies! Discovery & Enumeration The usual netdiscover and nmap to get an idea of what we are dealing with… root@kali:~# mkcd VulnHub/Gibson root@kali:~/VulnHub/Gibson# netdiscover -pr 10.1.11.0/24 Currently scanning: (passive) | Screen View: Unique Hosts 1 Captured ARP Req/Rep packets, from 1 hosts. Total size: 60 _____________________________________________________________________________ IP At MAC Address Count Len MAC Vendor / Hostname ----------------------------------------------------------------------------- 10....
Hades: The Infernal
Hades is a boot2root challenge created by Lok_Sigma with a heavy focus on reverse engineering. Video This really was a fantastic challenge, standby for a full writeup!