Thursday, October 5, 2017

RickdiculouslyEasy: 1 - Walkthrough

It has been a long time since I've last posted anything off of Vulnhub. To be honest, I just haven't had too much time to dive into any of these VM's. However, g0tmi1k released a ton of new VM's so I wanted to check them out. One of which is was RickdiculouslyEasy: 1 made by Luke.

This VM is based off the tv show Rick and Morty. I, myself, am a fan of this show so I had to check it out. It turned out to be quite easy but I still had fun solving it. Below is my walkthrough on capturing all of the flags. 

Friday, June 30, 2017

Elevate from Admin to NT Authority\SYSTEM

Elevate from Admin to NT Authority\SYSTEM

The other day I gained Administrative access to a windows machine. While I was enumerating around, I had the urge to escalate to the most powerful account on a Windows local instance: NT Authority\SYSTEM.

I realized there weren't a lot of posts online about it. I figured I'd give the steps I did in order to accomplish this task.

Wednesday, May 3, 2017

64Base - Walkthrough

It's been a while since I've been able to work on a vulnhub image. I started looking at recent releases and came across 64base. This VM has a Star Wars theme which is always great. Plus, it was 3mrgnc3's first public VM so I had to check it out!

Monday, April 10, 2017

Protostar - stack4

This is my fifth post on the Protostar series hosted by Exploit Exercises

We start off with understanding what is being asked of us:


Stack4 takes a look at overwriting saved EIP and standard buffer overflows.
This level is at /opt/protostar/bin/stack4
  • A variety of introductory papers into buffer overflows may help.
  • gdb lets you do “run < input”
  • EIP is not directly after the end of buffer, compiler padding can also increase the size.

Source code

#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>

void win()
  printf("code flow successfully changed\n");

int main(int argc, char **argv)
  char buffer[64];