Index for bigb0ss Blogs
Around beginning of this year, I wanted to start studying for OSWE (WEB-300) from Offensive Security to boost my web application security skills. I took the updated OSWE course that was revamped in 2020. The whole experience of taking the course and the exam were amazing. It was the most…
A crypter is a software that can encrypt, obfuscate and manipulate malware or a RAT (Remote Access Tool) tool to potentially bypass security products such as anti-viruses.
For creating a simple crpyter, I will be using the following process:
The polymorphism means the ability of an object to take on many forms. In computer science, the term polymorphism also means the ability of different objects/codes to respond in a unique way to the same functionality.
I will use the following shellcode from the Shell-Storm to demonstrate the polymorphic shellcode:
Today I will analyze the following shellcode generated by the
msfvenom, specifically in linux/x86:
msfvenom will execute an arbitrary command that…
In computer systems, an encoder can be used for various purposes. For example, Base64 encodes binary data into an ASCII characters which are known to pretty much every computer system. Or one may use an encoder to mangle their own code to potentially bypass a security product such as AV…
Help was an easy difficulty Linux box. Good learning path for:
# nmap -Pn --open -T4 -sV -sC -p- 10.10.10.121Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-13 00:14 EDT
Nmap scan report for 10.10.10.121
Host is up (0.081s latency).
Json was a medium difficulty Windows box. Good learning path for:
# nmap -Pn --open -sC -sV -p- -T4 10.10.10.158PORT STATE SERVICE VERSION
21/tcp open ftp…
Unattended was a medium difficulty Linux box. Good learning path for:
<?php include(); ?>)
Mango was a medium difficulty Linux box. Good learning path for:
SUIDBinary Abuse (GTFobins — JJS Exploit)
# nmap -Pn — open -sC -sV -p- -T4 10.10.10.162PORT STATE SERVICE VERSION
22/tcp open ssh…