Analysis of CVE-2017-5005: QuickHeal Buffer Overflow

Recently, I hosted an internal CTF event in my company. I wanted to include a challenge that involved some Windows exploitation. Custom-made binaries are not fun; I wanted a challenge that would be a bit realistic but not too difficult. Since we are living in times of ‘Quarantine’, it gave... [Read More]

Windows Exploitation: ASLR Bypass (MS07-017)

In this blog, I will be analysing a long-forgotten Windows Animated Cursor Remote Code Execution Vulnerability (CVE-2007-0038) on Windows Vista. It was a classic case of a random not being random enough. A bit of a backstory before we move on… [Read More]

Windows Exploitation: Egg hunting

Lately, I’ve been exploring the world of Windows exploitation. I was already familiar with the concept of buffer overflows, brushed those skills up during my OSCP days, and now I’m taking steps further. One thing I have noticed in this world is that the size of your payload matters, simply because we... [Read More]