Using kali in lxc container the easy way

I bought a refurbished thinkpad x260 and the bios locked with the seller can not supply the password. Since I need at least a seperated kali for pentesting and used virtual box until today, I would need virtualization enabled. Which wasn’t unfortunately. So I am exploring ways to use kali as a lxc container. A … Read moreUsing kali in lxc container the easy way

Automate the boring stuff with bash

I really start to love bash. And dislike python. I’m not good at both, but i like to automate boring, repeative tasks. Being a pentester and network admin using linux (of course) i’m working a lot in the shell, editing connfig files, checking network devices and such things. I encounter a lot of problems which … Read moreAutomate the boring stuff with bash

WriteUp: Phoenix Exploit.Education

Writeup for the Phoenix VM from stack-onepython -c ‘print 64*”A”‘ stack-twoexport ExploitEducation=$”cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\n\t\n\r” learned about endianess here. really missing some of the basic computer science stuff, but well coming to it… stack-threeuser@phoenix-amd64:/opt/phoenix/amd64$ objdump stack-three -x | grep level user@phoenix-amd64:/opt/phoenix/amd64$ python -c ‘print “c”*64+”\x9d\x06@”‘ | ./stack-three Welcome to phoenix/stack-three, brought to you by calling function … Read moreWriteUp: Phoenix Exploit.Education

strace howto

strace -f -p PID returns syscalls of the process PID -eopen filters for open files -econnect filters for open sockets sendto(32, “@\4\0\0\20\0\1\0\0\0\0\0\0\0\0\0\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0″…, 1088, MSG_NOSIGNAL, NULL, 0 a sendto() syscall, the 32 ist a file descriptor, see /proc/PID/fd/ tbc.

Speculative Zombies and the Linux Kernel

“CVEs mean nothing, for the kernel. Very few CVEs ever get assigned for the kernel. I’m fixing 20 patches a day, I could create a CVE to each one of them, I was told not to because it would burn the world down,” he said. lol?