You are probably wondering what this post is all about. Well, it is about manually encoding egghunter shellcode. Why would you want to manually encode the shellcode when you have built-in encoders in the Metasploit framework? Before we begin, have a look at the following exploit by muts: HP OpenView NNM 7.5.1 OVAS.exe SEH …
Exploit DEV Tools – Finding bad characters
Finding bad characters while developing an exploit can sometimes be an exhausting task. The following tools are very useful when dealing with bad characters. Tools (rename the file extension to .pl): Using generatecodes.pl: this script generates a C-style buffer of all characters from 0 to 255, except those specified in a comma-separated …
KAV Bloopers?
After watching the Offensive-Security "I Piss on Your AV" presentation, I decided to test my A/V. In this presentation muts shows how to defeat signature-based detection. He used an old backdoor called ncx, which listens for incoming connections on port 99 and spawns a bind shell. The process is creating a code cave and …