sud0woodo

Binary Enthusiast

Reversing Adventures: shad0w framework part 3

2020-07-08
| No Comments
| Reverse Engineering

At the time of writing this post, the author of the shad0w framework added some more features and ways to inject its modules and execute code. This is actually quite nice since the list with commands and modules was expanded, which in turn made this third part a lot more interesting to work on […]

Posted in: Reverse Engineering

Reversing Adventures: shad0w framework part 2

2020-07-01
| No Comments
| Reverse Engineering

Continuing from reversing the shad0w framework part 1, we will look at the registration of the beacon and how tasks for the beacon are received. Just like the previous part, this is not meant to defeat the framework in any kind of way, but is meant as a reverse engineering exercise for the people that want […]

Posted in: Reverse Engineering

Reversing Adventures: shad0w framework part 1

2020-06-29
| No Comments
| Reverse Engineering

This post will be the first part in a series that I will hopefully post more often and follow up on. This series will go into my thought process while reverse engineering something. Please keep in mind that I am doing this as a hobby and am by no means a professional and/or expert. These posts […]

Posted in: Reverse Engineering. Tagged: reverse engineering, reversing adventures, shad0w, x64dbg

Binary Exploitation Automation with Radare2

2020-06-10
| No Comments
| Exploit Development

Before I dive into describing my process I want to write a little disclaimer: this post is by no means a complete guide to automating any kind of practical exploitation of binaries in the real world. This is simply to describe something I learned a while back but never really got around to posting anything about […]

Posted in: Exploit Development

Developing Urgent11 Detection with Suricata

2019-11-13
| No Comments
| Network Analysis, Network Detection, Networking, Vulnerability

Summary: In July of 2019 Armis released a technical whitepaper detailing numerous vulnerabilities found in devices running VxWorks. Since this post is not about explaining what VxWorks is, or why the vulnerabilities are so impactful, I will leave you with this link to the post that Armis put out in July. Since I’m developing Suricata […]

Posted in: Network Analysis, Network Detection, Networking, Vulnerability. Tagged: suricata, urgent11

CTF Write-up: Rob’s admin program

2019-10-06
| No Comments
| Exploit Development

PvIB CTF: Last Thursday I was participating in a CTF which had challenges in different categories of difficulty. This challenge was in the ‘ARGH’ category and labelled as very hard. I jumped right into it from the start of the CTF but unfortunately didn’t make it in time due to some stupid mistakes I made. […]

Posted in: Exploit Development

Suriflaska – Flask server for testing Snort / Suricata rules

2019-04-29
| No Comments
| Development, Network Detection, Networking

This post is a small follow-up on the network detection theme that I have been posting on for the last couple of months. Recently I got more into writing rules for detecting network threats and wanted to create something similar to what is used in some bigger blue team companies. So without going too much into the why’s, […]

Posted in: Development, Network Detection, Networking

Apache UNO API Remote Code Execution

2019-03-13
| No Comments
| Disclosure, Vulnerability

After months of trying to make Apache understand the security risks of having a method of executing code remotely without any warning or authentication scheme, it seems these efforts were futile. Apache will not fix this issue as they deem this a feature and apparently it isn’t used by anyone but they also refuse to […]

Posted in: Disclosure, Vulnerability

Building a Go scanner to search externally reachable StarOffice Managers

2019-03-06
| No Comments
| Development, Networking, Vulnerability

This is a little hobby project of mine that I started to get some experience with Go. DISCLAIMER: I am not a programmer and not responsible for your eye sores reading this code. Please do critique the script. Background: I want to kick this post off with a little background information about why I decided […]

Posted in: Development, Networking, Vulnerability

Investigating External IP-Lookups from Mailspring

2019-02-11
| No Comments
| Network Analysis, Networking

Last week I was playing around with some PCAPs I made of my home network, trying to correlate what I saw happening in the PCAP with the alerts generated by my SecurityOnion instance. One specific alert triggered over 1000 times in just two days; this doesn’t say much as I happen to test a lot of […]

Posted in: Network Analysis, Networking

© sud0woodo 2021. Powered by WordPress