Index of /
:: Searching systematically for PHP disable_functions bypasses :: 2018-12-09 13:00:00 +0000 ::Some ideas about how to extract hidden parameters in PHP functions and how to find potential bypasses
:: Building simple DNS endpoints for exfiltration or C&C :: 2018-11-09 15:00:00 +0000 ::Brief tutorial of how to use backend pipes in PowerDNS for exfiltration
:: Writeup Navaja Negra 2018 CTF :: 2018-10-11 12:00:00 +0000 ::Solutions to the challenges made by me in Navaja Negra CTF (Web, Pwn, Rev. & Misc.)
:: Vulnerability in Swoole PHP extension [CVE-2018-15503] :: 2018-08-14 13:11:37 +0000 ::Description of how the vulnerability was found and a few indications about its explotability
:: Improving PHP extensions as a persistence method :: 2018-07-28 12:00:10 +0000 ::Article about how to build backdoors for the Zend Engine.
:: Hacking a game to learn FRIDA basics (Pwn Adventure 3) :: 2018-07-05 13:00:37 +0000 ::Learn the basic usage of Frida with this tutorial. Build your own cheat with Frida.
:: Exfiltrating credentials via PAM backdoors & DNS requests :: 2018-06-27 13:37:00 +0000 ::Description of how to backdoor PAM and exfiltrate credentials via DNS requests. Capture credentials FTW!
:: Beyond pty.spawn - use pseudoterminals in your reverse shells (DNScat2 example) :: 2018-05-08 12:00:00 +0000 ::Quick article about how to improve well-known tools used in pentests. Forkpty() FTW!!
:: Defeating WordPress Security Plugins (Revisited) :: 2018-03-09 12:00:00 +0000 ::Article about how to subvert file integrity checks made by most popular WordPress Plugins
:: Parasiting web server process with webshells in permissive environments :: 2018-02-24 12:00:00 +0000 ::Example of how to abuse permissive environments to infect processes with custom code using ptrace
:: Writeup (CTF) - ImpelDown CodeGate PreQuals 2018 (MISC) :: 2018-02-03 10:00:00 +0000 ::Solution to an easy python jail challenge
:: Loading "fileless" Shared Objects (memfd_create + dlopen) :: 2018-02-02 12:00:00 +0000 ::An example of how to drop modules on a target using the syscall memfd_create