Posts

Reaper Walkthrough

Reaper is an 'insane' lab presented by VulnLab. To complete it I needed to exploit a remote service binary with ASLR and DEP mitigations. Privilege Escalation is via kernel driver exploit.

64-bit Custom Shellcode Part 1

By writing custom shellcode, as exploit developers we gain fine-grained control over the exploitation process, allowing us to optimise payloads for target systems, evade mitigation mechanisms, and achieve our desired objectives.

64-bit Custom Shellcode Part 2

Symbol resolution is the process of associating function names with corresponding memory addresses, without which we cannot make the necessary API calls.

64-bit Custom Shellcode Part 3

Writing shellcode to display a message box might seem a bit pointless but it includes all the elements needed to write more complex shellcode, such as a reverse shell.