In this machine there is a nodejs service exploitable in a easy and direct way. And for privilege escalation there is a simple trick with python.
About Daniele ScanuThis author has not yet filled in any details.
So far Daniele Scanu has created 34 blog entries.
Hey guys! Here there is another writeup of a pwn of the HackCon18 ctf. The challenge She Sells Sea Shells was a very easy pwn based on buffer overflow, where you can simply put a shellcode in buffer and jump on it!
Hey guys, it’s just finished the HackCon18 ctf, let’s see the writeup of Simple Yet Elegent pwn. This pwn is based on format string vulnerability and buffer overflow, then our target is leak an address of libc with the format string (because we suppose that ASLR is enabled), and then calculate remote system for spawn a shell.
Recently I have tried for the first time an Arm pwn, a simple program vulnerable to buffer overflow. The only difference between an Arm pwn and a “normal” binary is the assembly code, but look this for see how exploit it.
Welcome back on Exploitnetworking! Today we’ll see a Valentine write up. This box is really funny because the first step is based on heartbleed vulnerability that permit you to exploit openssl protocol and read the machine memory.
Hey guys! Today we are on Hack The Box for see Nibbles writeup. This machine, was been relatively easy compared to other machine. The web part was easy enough and the privilege escalation: “a piece of cake”