Hello all! It has been some time since my last post, so I thought I’d write about something fun that I came across!
Return of The Penguin is the first reversing challenge from B-Sides London 2016, brought to us by the creator of last year’s Toxic PDF. In this challenge we are given an unknown binary and a number of guiding questions to answer!
This is a very quick post about a challenge I just solved and found interesting. It’s a Java “what’s this code doing?” type of challenge, and since I haven’t touched Java bytecode in a while I thought I’d give it a go!
The original challenge can be found here, and many many more can be found here!
It has been some time since I’ve posted anything, so I thought I’d look at the Android crackmes posted by DefendIO (link)! The link to the crackmes has got a number of challenges, of different levels. There are a lot of starter challenges (level 1), a level 2 and a level 4 challenge!
This is the writeup of the level 2 challenge, called ‘jumbled cme’!
Contrary to this blog’s usual material, this time I want to write about a quick technique I found to work pretty well today for transferring files between two hosts using the xxd and hexdump utilities!
I needed to use this technique as part of a pentest, as the host was a bit limited on the tools on the box. The prerequisites for this to happen are a page with a file inclusion vulnerability (preferably remote) and for the PHP configuration to not have turned off the system function.
Hello all! It has been a while since I wrote anything so I thought I’d write about a quick challenge I solved for DefCamp qualifiers 2015. Unfortunately I had only a few hours to spare, so I only managed to solve exploit1 and re1.
This was also a really good opportunity to get my PIN-fu in action, as I’ve been wanting for a while to fire a PINtool at something!