Below is a basic example on how to use the detours library to hook APIs. #include <stdio.h> #include <windows.h> #include <detours.h> // API that we want to hook DWORD (WINAPI * Real_SleepEx)(DWORD dwMilliseconds, BOOL bAlertable) = SleepEx; // This function…
I’ve made some changes to bytefuzz to support files generated by other fuzzers. I’ve used the domato fuzzer to generate 1000 html files and then through bytefuzz, I’ve sent those files to a browser that I use when I do…
Let’s assume you have a program that just crashed and you have a core dump. You can enable core dumps by using the ulimit -c unlimited command. If you want to analyze what happened, here are some steps you can…
If you want to do web app security testing using either Chrome or Chromium, you may want to disable a few security options so you can actually go through your test cases. You can use the same command line parameters…
If you have a hash for either a domain admin or a local admin on a domain controller, you can use mimikatz to exfil the entire Active Directory database. From mimikatz, run the following command to spawn a shell as…
If you’re doing a penetration test and you’ve got credentials for an account on a remote machine, you can try to run remote commands by taking advantage of the PowerShell remoting feature. First make sure that the TCP ports 5985/5986…
Today we’re going to look at using sqlmap when the target website uses base64 encoded parameters. For example, we have something like: http://<target>/products/article.php?art_id=<base64_encoded_value> In this case we have to “convince” sqlmap that when scanning, to use base64 for all payloads.…
In this post we’ll have a look at the nodejs XSS attack/exploit in XVNA (eXtreme Vulnerable Node Application). Cross-site scripting is part of the OWASP Top 10 list that was published in 2017. We’ll use the setup detailed here (XVNA runs on port 80).…
In this post we’ll have a look at the nodejs deserialization attack/exploit in XVNA (eXtreme Vulnerable Node Application). Insecure deserialization is part of the OWASP Top 10 list that was published in 2017. We’ll use the setup detailed here (XVNA…
Here is a detailed step by step tutorial on how to have everything ready if you want to test XVNA (Extreme Vulnerable Node Application). Base OS: Ubuntu 16.04 First, we need to install mongodb, nodejs and git: apt-get install monodb…