To potentially help future readers, and more importantly to discourage laziness on my part. I will be documenting my answers to all exercises in the Practical Malware Analysis book in this series of blog posts. Today we will get started with all of the labs in Chapter 1. Lab 1-1 Question 1: Upload the files …
Author: zerodetail
Boofuzz – A helpful guide (OSCE – CTP)
Overview Whilst studying for the Cracking the Perimeter you will come across many references to the Spike fuzzer. This is the fuzzer of choice for the CTP course. However development for Spike has long since ceased. Enter Sulley, the Spike fuzzer replacement. And then exit Sulley, as it has not seen active development in 2 years …
Recreating exploits – Disk Pulse Enterprise 9.9.16 – Remote Buffer Overflow (SEH)
Introduction As part of my Cracking The Perimeter course, I am doing the usual recommendation of recreating exploits from exploit-db. This post will step through the entire process of installing a target application, recreating a crash and developing an exploit. As for our target, lets recreate an exploit for Disk Pulse Enterprise 9.9.16. I’ve made …
Analyzing cowrie honeypot results
Introduction. Recently I decided to spin up a honeypot for no better reason than “because I can”. After some admittedly quick searching I found the Cowrie SSH and Telnet Honeypot. According to Cowrie’s Github Readme: Cowrie is a medium interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed …