Real busy week at work this week, so just going to go over a simply simple binary to hex converter in Python for converting binary files to hex encoded strings (for use in shellcode, exploits, etc.).
Monthly Archives: June 2015
Multiple Vulnerabilites in GoHttp 1.0
While doing some auditing for a client recently, I ran across a webserver used for serving static pages called GoHttp. After a bit of research and testing, it appeared that this server was actually vulnerable to a few buffer overflow exploits resulting in remote code execution, denial of service, and some general memory/heap corruption and mangling.
Filed under Security Not Included
Kioptrix 2014 (#5) Walkthrough
Last up in the series was Kioptrix 2014 (#5), so I decided to knock it out.
(I know that I haven’t shown my enumeration scripts yet, and I know that the beginning of all of these seem redundant, but I’d like for all of them to be able to stand on their own.)
First things first, netdiscover to find the VM.
Filed under Security Not Included
Kioptrix Level 1.3 (#4) Walkthrough
Continuing along with the series, I decided to knock out Kioptrix Level 1.3 (#4).
As usual, (though hopefully soon I’ll start showing off some of my enumeration scripts on here as well) I ran netdiscover to find the new VM.
Filed under Security Not Included