Shabnoon Khalid Random ramblings

Windows Active Directory takeover with Zerologin Vulnerability (CVE-2020-1472)

Demo of recent Windows Zerologin exploit

RopMev2 - Challenge

This is a recently retired binary exploitation (pwn) challenge from hackthebox.

Hackthebox - Chainsaw

Chainsaw is a retired vulnerable VM from Hack. This box is about Solidity, Ethereum Blockchain and IPFS Exploitation.

Hackthebox - Carrier

Carrier is a retired vulnerable VM from Hack. This box is really fun since it allows us to play with BGP hijacking, which is pretty rare to see in CTF-like challenges.

ROP Emporium - Split

This is the second challenge from ROP Emporium, named Split. In this challenge we have to create a small ROP chain which executes system and gives us the flag to complete the challenge. Throughout this, I am going to use radare2 as much as I can, just for the sake of learning the tool. Radare2 is a complete framework for reverse-engineering and analyzing binaries.

ROP Emporium - Ret2win

Doing these challenges to improve my binary exploitation skills and teach myself return-oriented programming (ROP). These challenges use the usual CTF objective of retrieving the contents of a file named flag.txt from a remote machine by exploiting a given binary.

Hackthebox - OpenAdmin

OpenAdmin is rated as an Easy Linux box. It was released on 04 Jan 2020 and has been created by @dmw0ng. This box required us to perform the following tasks:
- Enumerate a web server to find a vulnerable web application
- Exploit the web app to get an initial foothold
- Credential reuse attack
- Download user's SSH private key and crack it
- Exploit misconfigured nano permission

Overthewire - Narnia 0-1

This blog post contains the solutions for the Narnia series of challenges from Overthewire. This category of challenges is aimed at beginners to binary exploitation. Let's take a look at the code of this program. The C code below is the source code for the first challenge in the Narnia series of challenges from Overthewire.

Buffer overflow exploitation (Basic Stack overflow)

Welcome to part one of the x86 Linux binary exploitation series. In this series of posts, I will cover x86 Linux binary exploitation, from basics to advanced topics.

x86-linux-exploit-development-introduction

Welcome to part one of the x86 Linux binary exploitation series. In this series of posts, I will cover x86 Linux binary exploitation, from basics to advanced topics.