I decided to share my exploit for CVE-2017-12561 since @primal0xF7 already made public an exploit for it and I believe it’s useful to see different ways of exploiting the same vulnerability.

In this post we are going to exploit a buffer overflow in both commands, GTER and KSTET, since the exploits are very similar I’m covering them both in the same post. We are going to use a new technique called an egghunter that will allow us to exploit targets that don’t give us enough length in the initial payload to put our shellcode.

We are back from a vacation and it’s time to keep going with the Vulnserver series of posts. In this post we are going to exploit the crash found in the HTER command of Vulnserver. And important note to make before starting is that this post is going to be shorter than the previous one since I’m going to skip the steps that we have already seen.

In this post we are going to analyze the crash we found previously in the TRUN command of Vulnserver by using our fuzzer. And we are also going to look at different ways of exploiting it.

This is going to be the first post in a series on exploiting Vulnserver, here we will talk about what software do we need to get started and later we will find some crashes in Vulnserver by using a fuzzer.

Hello everyone, this is my first post in the blog so I’m going to start talking a bit on why I created it and what I pretend to do with it.