Posts
Vulnserver KSTET buffer overflow (fuzzing with process monitoring)

Introduction Vulnserver is an excellent tool for learning and exploring buffer overflow vulnerabilities. It can be downloaded for free from the following URL: https://github.com/stephenbradshaw/vulnserver....

KarajaSoft Sami FTP 2.0.2 buffer overflow exploit

Introduction In this blog post we will go through finding a vulnerability in the KarajaSoft Sami FTP 2.0.2 application and (re)writing an exploit. Finding a vulnerability in this application is a bit tricky wi...

BigAnt server 2.52 buffer overflow exploit

Introduction BigAnt is a client/server application which provides an enterprise instant messaging solution. A buffer overflow vulnerability (SEH overwrite) was discovered in version 2.52 back in 2010 (or...

Savant 3.1 webserver buffer overflow exploit

Introduction Next in a series of recreating (rewriting) remote buffer overflow exploits is Savant 3.1. Based on the description from SourceForge: Savant is a freeware open source web server that runs...

MinaliC 2.0.0 buffer overflow exploit

Introduction In this blog post we will go through recreating a buffer overflow exploit for the MinaliC webserver. The application can be downloaded from the following URL: https://sourceforge.net/projects/minalic/. ...

MiniShare 1.4.1 webserver buffer overflow exploit

Introduction MiniShare is a minimal web server with a simple GUI meant for fast and simple file sharing. It was released back in the days of Windows XP. The application has a buffer overflow vulnerabili...

Custom Encoder

Introduction Sending well-known shellcode to a target machine would most probably be detected by an antimalware solution. One way to bypass antimalware detection is to encode the shellcode and to have ...

Egg Hunter

Introduction Egg Hunter is a super useful and simple piece of code used to search for a defined series of bytes called “egg” in memory. The egg as such is just a 4-byte string, usually: “w00t” (but ...

Linux reverse shell in assembly

Introduction The objective of this blog post is to explain the process of creating a reverse shell in assembly language for 32-bit Linux. This blog post was created for the SLAE certification exam and it descri...

Linux bind shell in assembly

Introduction The objective of this blog post is to explain the process of creating a bind shell in assembly language for 32-bit Linux. This blog post was created for the SLAE certification exam and it describes...