Real World Featured Unleashing ksmbd: remote exploitation of the Linux kernel (ZDI-23-979, ZDI-23-980) December 22nd 2022: it's Christmas Thursday, one of the last workdays before the Christmas vacation starts. Whilst everyone was looking forward to opening presents from friends and family, the Zero Day Initiative decided to give the IT community a present as well: immense stress in the form of ZDI-22-1690, an
Binary Exploitation Featured Knote (HackTheBox) Heya infosec folks, in this write-up we will cover the Knote (kernel-note) kernel-pwn challenge on HackTheBox. We can trigger a local privilege escalation attack by exploiting a use-after-free bug. The description of the challenge is as follows: Secure your secrets in the kernel space! Summary * What are kernel modules? * How
Binary Exploitation Featured Superfast (HackTheBox) Hey folks. In this write-up, we're going to discuss the Superfast challenge in HackTheBox which was part of the HackTheBox Business CTF 2022. We're going to perform a single-byte overwrite to bypass ASLR, leak stack pointers, and perform a Return Oriented Programming (ROP) chain. The description of the challenge is:
Binary Exploitation Finale (HackTheBox) Hey all. Today we're going to discuss the retired Finale challenge on HackTheBox. The description on HackTheBox is as follows: It's the end of the season and we all know that the Spooktober Spirit will grant a souvenir to everyone and make their wish come true! Wish you the best
HackTheBox challenges Blacksmith (HackTheBox) Hey all. Today we're going to discuss the retired Blacksmith challenge on HackTheBox. The description on HackTheBox is as follows: You are the only one who is capable of saving this town and bringing peace upon this land! You found a blacksmith who can create the most powerful weapon in