Assignment Task: Create a custom encoding scheme, similar to “Insertion Encoder” PoC with using execve-stack as the shellcode to encode with schema and execute The encoding scheme chosen for this assigmnet is AddWelve encoding scheme. It is a variant of caesar cipher in which the byte is shifted forward 12 bytes. The algorithm is as […]
Assignment Task: Study about the Egg Hunter shellcode Create a working demo of the Egghunter Should be configurable for different payloads About Egg Hunters Egg Hunter is a mechanism to locate a piece of code in an application’s Virtual Address Space (VAS). This technique is primarily used in exploits where the accessible buffer space is […]
Assignment Task: Take up 3 shellcodes from Shell-Storm and create polymorphic versions of them to beat pattern matching The polymorphic versions cannot be larger 150% of the existing shellcode Shellcode 1: shutdown -h now Shell-Storm Link: http://shell-storm.org/shellcode/files/shellcode-876.php The original shellcode was 56 bytes in size. Link to original code: https://github.com/yaksas443/SLAE/blob/master/Assignment%206/6-1/shellcode-6-1-orig.nasm https://github.com/yaksas443/SLAE/blob/master/Assignment%206/6-1/run-shellcode-6-1-orig.c Techniques used to modify […]
Assignment Task: Create a Shell_Reverse_TCP shellcode Reverse connects to configured IP and Port Execs shell on successful connection IP and Port should be easily configurable The TCP reverse shell is used to connect back to the attacking machine, with an interface to execute commands on the target machine. The TCP reverse shell code consists of […]
Assignment Task: Create a Shell_Bind_TCP shellcode Binds to a port Execs shell on incoming connection Port number should be easily configurable The TCP bind shell is used to setup a listener (or server) on the target machine which allows the attacker machine to execute commands on the said machine. The TCP bind shell code consists […]
This video gives a walk-through of AttackDefense Meterpreter Basics lab. To visit AttackDefense Labs, use the following URL: http://public.attackdefense.com/
This video gives a walk-through of AttackDefense TShark Basics lab. To visit AttackDefense Labs, use the following URL: http://public.attackdefense.com/
This video demonstrates the recently discovered NTLM hash leak vulnerability via the PDF files.
In this video, see NSA hacking tools in action. It is easy to hack Windows machines using these tools. It uses EternalBlue vulnerability and DoublePulsar backdoor implant tool.
This video gives a brief overview of Drupal vulnerability, Drupalgeddon 2. It also shows how to exploit drupalgeddon2.