Buffer Overflow – Return to Libc

Introduction

In information security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer’s boundary and overwrites adjacent memory locations.

Return-to-libc is a method that defeats stack protection on linux systems.

This article will show you that how to attack C program by using buffer overflow and return to Libc method to pop a bash shell.

buffer overflow

Continue reading

Stratosphere Box Writeup & Walkthrough – [HTB] – HackTheBox

Introduction

Stratosphere is a machine on the HackTheBox.

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated.

This article will show how to hack Stratosphere box and get user.txt and root.txt.

Stratosphere Box

Continue reading

ezXSS NGINX Rewrite Rules

Introduction

ezXSS is a XSS platform that can test (blind) Cross Site Scripting, steal cookies and other attacks. It is a open source XSS platform, you can find the source code in Github. However, the original source did not give NGINX Rewrite rules.

This article will show you ezXSS NGINX rewrite rules.Therefore, you can build your ezXSS with NGINX.

Continue reading