Recent Comments
No comments to show.
part 3: cleaning and optimising shellcode
part 3: cleaning and optimising shellcode In Part 2: Building the shellcode, we created a bind shell on port 4444 which accepts connections from any host and then interacts with “/bin/sh” to facilitate remote code execution. Our shellcode however was littered with null bytes and would probably not be very…
part 2: building the shellcode
part 1: disassembling and understanding shellcode
using perl to grab IP addresses of multiple hostnames
Very Simple Caesar Cipher (Python)
post exploitation: finding passwords in haystacks
Often while conducting an internal pentest you may gain access to a user machine through some vulnerability or more commonly via social engineering. Let’s say that you pop a shell, unprivileged, and incognito only finds unprivileged domain tokens. You could move onto another target or you can try some post…