Tally is enumeration galore, full of red herrings, distractions, and rabbit holes. I spent hours digging through files and directories on this one. Tally will test your patience but it felt like a very realistic box so I enjoyed it. An interesting exploit at the end as well. Let’s get... [Read More]

The next assignment for the SLAE is taking existing shellcode from shell-storm or exploit-db and making polymorphic versions for three of them. [Read More]

This is the last Metasploit payload analysis post for the SLAE. This time we’ll be examining the linux/x86/exec payload and seeing exactly how it works. [Read More]

Continuing on with the next Metasploit payload analysis. This time we’ll be examining the linux/x86/chmod payload and seeing exactly how it works. [Read More]

The next assignment for the SLAE is analyzing three different Metasploit linux x86 payloads. For the first one we’ll be going through the linux/x86/adduser payload and seeing exactly how it works. [Read More]