SROP - Sigreturn Oriented Programming

A few months ago a colleague of mine created a simple buffer overflow challenge to teach others how to defeat ASLR. The program itself was written in assembly and only consisted of 3 syscalls more or less – read, write and exit. The overflow was easy, there was no boundary check…

Access from HackTheBox

A write up of Access from hackthebox.eu - Highlighting abuse of saved credentials in a Windows system for privilege escalation.…

Ypuffy from HackTheBox

A write up of Ypuffy from hackthebox.eu - Highlighting the exploitation of a certificate authority for privilege escalation…

Reddish from HackTheBox

A write up of Reddish from hackthebox.eu - It's about exploiting several applications and pivoting through a network until we can break out of Docker.…