Mischief - Hack The Box
This blog post is a writeup of the Mischief machine from Hack the Box using the unintended LXC container privesc method.
Recent Posts
Waldo - Hack The Box
Linux / 10.10.10.87
Creating a custom shellcode crypter
For this last SLAE assignment, I’ve created a custom shellcode crypter using the Salsa20 stream cipher. Salsa20 is a family of 256-bit stream ciphers designed in 2005 and submitted to eSTREAM, the ECRYPT Stream Cipher Project.
Polymorphic Linux Shellcode
This blog post shows 3 polymorphic variants of common shellcodes found on shell-storm.org.
Active - Hack The Box
Windows / 10.10.10.100
Hawk - Hack The Box
Linux / 10.10.10.102
Msfvenom shellcode analysis
This blog post provides an analysis of various common shellcodes generated by the msfvenom utility which is part of Metasploit.
Smasher - Hack The Box
Linux / 10.10.10.89
Custom shellcode encoder
A shellcode encoder can be used for different purposes such as modify an existing shellcode to make it harder to detect by AV engines or simply avoid bad characters (such as null-bytes).
Egghunter Linux Shellcode
An egghunter can be useful in situations where the buffer space the attacker controls is limited and doesn’t allow for a full shellcode to be placed on the stack. The egghunter acts as a staged payload: the smaller payload which is executed first looks through the entire process memory space for a marker (the egg) indicating the start of the larger payload. Once the egg is found, the stager jumps to the memory address following the egg and executes the shellcode.