This is a technical article describing the PrintNightmare vulnerability, its impact and remediation process for different endpoints and servers.

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code…

In this post we will analyse the linux/x86/meterpreter/bind_tcp shellcode. If you haven’t read part I, you can start there:

Shellcode is basically a list of carefully crafted instructions that can be executed once the code is injected into a running application. …

In this post we will analyse the linux/x86/meterpreter/reverse_tcp shellcode. If you haven’t read part I, you can start there:

Shellcode is basically a list of carefully crafted instructions that can be executed once the code is injected into a running application. …

This post is about writing an insertion encoder for Linux/x86 shellcode. I would recommend going through shellcoding basics before spending time here.

Some basics first…

Shellcode is basically a list of carefully crafted instructions that can be executed once the code is injected into a running application…

Let’s consider a scenario where, for some reason (maybe limited memory space), our entire shellcode can’t be placed into memory. To make the scenario easier to understand, we can take the example of a simple buffer overflow.

What if when we try to exploit buffer overflow the memory looks…

Let’s go through some of the basics.

Shellcode is basically a list of carefully crafted instructions that can be executed once the code is injected into a running application. Stack and heap-based buffer overflows are the most popular way of doing so.

A reverse shell is a type of shell…

Before diving into the technicalities, let’s go through some of the basics.

Shellcode is basically a list of carefully crafted instructions that can be executed once the code is injected into a running application. Stack and heap-based buffer overflows are the most popular way of doing so.

A bind shell

Huh, well this sounds like fun. Let’s see if it’s really that fun…

This story began not so long ago. As always, some hackers found a way to exploit the deserialization process. This so-called insecure deserialization vulnerability was so severe that it nailed its name in the OWASP Top…

Aditya Chaudhary

Cyber Security Analyst [https://adityachaudhary.me]
