This site was created by Felipe Winsnes. Here you will find multiple posts regarding Vulnerability Research and as well multiple techniques about Pentesting/Binary Exploitation.

Exploit Development Series

Vulnserver HTER - Vanilla BOF & Character Conversion

Vulnserver LTER - SEH Extremely Restricted Characters

Alignments on Windows Registers

Exploiting SEH 3-byte Overwrite on Windows

Exploiting SEH Overwrites on Windows with the use of Egghunters

Exploiting Vanilla Buffer Overflows on Windows

Linux Privilege Escalation Series

Privilege Escalation - PATH Variable

PE Backdooring Series

Beating ASLR & NX/DEP without PE Headers/Code Caves (VOL:III)

Backdooring PE Files through Code Caves + User Interaction + Encoding (VOL:II)

Backdooring PE Files through Code Caves (VOL:I)

Linux x86 Shellcoding

SLAE Assignment 7: Custom Crypter

SLAE Assignment 6: Polymorphic Shellcode

SLAE Assignment 5: Analyzing 3rd party Shellcode

SLAE Assignment 4: Custom Insertion Encoder

SLAE Assignment 3: Egghunter

SLAE Assignment 2: Reverse TCP Shellcode

SLAE Assignment 1: Bind TCP Shellcode

Findings

Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow

Audio Playback Recorder 3.2.2 - Structured Exception Handling Overwrite

Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow

UpLoader 3.5 - ‘FTP Login’ Denial of Service (PoC + SEH Overwrite)

FTPDummy! 4.80 - Structured Exception Handling Overwrite

Quick Player 1.3 - “Browser.exe” Denial of Service

RM Downloader 3.1.3 - ‘Load’ Structured Exception Handling Overwrite

Easy RM to MP3 Converter 2.7.3.700 - ‘Input’ Buffer Overflows

10-Strike Network Inventory Explorer Structered Exception Handling Overwrite

Locally Exploiting SMTP section in Easy File Sharing Web Server 7.2


Contact: whitecr0wzwork@protonmail.com
Twitter: @whitecr0wz