Yes we decided to take part in Nahamcon CTF. No we did not have the time to do it. No we could not help ourselves. :) The babysteps challenge was one of the easy ranked in the binary exploitation category. I choose to do a writeup on this cause I think it fits quite well as the next part in my series of posts about binary exploitation. This uses the good old shellcode on the stack trick and just barely scratches some return oriented programming.…

This was a really fun and challenging box. Vulnerabilities for this box is described in CVE-2019-20933 and also a OS command injection vulnerability, described more in detail here. Tools used for this box was nmap, dirb, searchsploit, python3, ssh-port-forward, burpsuite and ffuf. The environment I used was a kali-VM (in Parallels Desktop 17) on my MACOS-machine. Let’s GO! Scanning Portscanning with nmap ┌──(erra㉿kali)-[~/htb/devzat] └─$ sudo nmap -T4 -sV -A devzat.…

This writeup describes how I approached the room Dear QA from Try Hack Me. This room is based on Linux and it is rated easy. I have been thinking about starting a series of articles about binary exploitation. Perhaps starting at the very easiest basics and building from that. This room seems like a very good first post on this subject. It’s the easiest kind of binary exploitation you could do.…

This box was a real enumeration-challenge, most of my time on this was spent on examining webserver content, mysql-database and interesting files on the box OS. Vulnerabilities on this box is Server Side Template Injection, and a weak password on a encrypted PGP message. Tools used for this box was nmap, dirb, searchsploit, nikto, python3, burpsuite, ffuf, hashcat, gpg2john and john. The environment I used was a kali-VM (in Parallels Desktop 17) on my MACOS-machine.…