Rootsploit


Image by freepik

Intro:

So as usual I was working on a Monday morning and I received an email from my company with a different domain, which didn’t sound suspicious, as an organization does have multiple domains, nor were there any keywords in the email such as Urgent or Login or change your password, so I let it go at that time.

Initial Foothold:

So I continued working, but later my curiosity started bothering me to try something, so I started reconnaissance on this domain, starting with whois information for the domain, but there was nothing there; the domain obviously has privacy protection enabled.

Later when I checked the…



In June 2020, BSides TLV hosted a Capture the Flag event comprising various challenges divided into categories such as Reverse Engineering, Web, Cryptography, etc.

The Target was a Miscellaneous challenge that consisted of reverse engineering a file.

After downloading it, we run the file command against TheTarget to determine its file type:

root@rootsploit# file TheTarget
TheTarget: Extensible storage engine DataBase, version 0x620, checksum 0x54fcc144, page size 8192, Windows version 6.3

Extensible Storage Engine (ESE) is an advanced indexed and sequential access method (ISAM) storage technology. ESE enables applications to store and retrieve data from tables using indexed or sequential cursor navigation. …
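As an added example (not part of the original post), here is a minimal Python reader for the ESE header fields that file reports above. The offsets follow the layout used by the libmagic signature and the libesedb format documentation; the function names are hypothetical, and the sample header is constructed from the values in the output above, not taken from the challenge file.

```python
import struct

ESE_SIGNATURE = 0x89ABCDEF   # little-endian dword at offset 4
HEADER_MIN_LEN = 0xF0        # covers every field read below
FILE_TYPES = {0: "DataBase", 1: "streaming file"}


def parse_ese_header(data: bytes) -> dict:
    """Extract the header fields that `file` prints for an ESE database."""
    if len(data) < HEADER_MIN_LEN:
        raise ValueError("too short to hold an ESE file header")
    checksum, signature, version, file_type = struct.unpack_from("<4I", data, 0)
    if signature != ESE_SIGNATURE:
        raise ValueError("ESE signature not found at offset 4")
    os_major, os_minor = struct.unpack_from("<2I", data, 0xD8)
    (page_size,) = struct.unpack_from("<I", data, 0xEC)
    return {
        "checksum": checksum,
        "version": version,
        "file_type": FILE_TYPES.get(file_type, f"unknown type {file_type}"),
        "os_version": (os_major, os_minor),
        "page_size": page_size,
    }


def describe(h: dict) -> str:
    """Render the parsed fields in the same order `file` uses."""
    return (
        f"Extensible storage engine {h['file_type']}, "
        f"version {h['version']:#x}, checksum {h['checksum']:#x}, "
        f"page size {h['page_size']}, "
        f"Windows version {h['os_version'][0]}.{h['os_version'][1]}"
    )


def build_sample_header() -> bytes:
    """Constructed header carrying the values from the output above."""
    buf = bytearray(HEADER_MIN_LEN)
    struct.pack_into("<4I", buf, 0, 0x54FCC144, ESE_SIGNATURE, 0x620, 0)
    struct.pack_into("<2I", buf, 0xD8, 6, 3)
    struct.pack_into("<I", buf, 0xEC, 8192)
    return bytes(buf)


if __name__ == "__main__":
    print(describe(parse_ese_header(build_sample_header())))
```
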

About

Rootsploit

Pentester | Security Researcher | uid=0(root) gid=0(root) groups=0(root)
