pwn> Finding the libc version

How to find the libc version without having its local copy.


pwn> scanf and hateful dot

How to bypass the stack canary with . (dot) and scanf.


pwn> ret2libc by example

How to perform the attack against a binary with randomized addresses of libraries in memory - ret2libc & pwntools by example.


Expose Any Port With Ngrok

How to expose any port to the Internet without exposing your private IP (for free).


Disable ASLR

Linux

    echo 0 | sudo tee /proc/sys/kernel/randomize_va_space

radare2

    # disable ASLR & reanalyse
    dor aslr=no
    aaa

Windows

Windows 7

1. Open RegEdit.
2. Go to: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\
3. Create new value (not a key): MoveImages with value 0.
4. Reboot.

Windows 10

Disable ASLR per file

    Set-ProcessMitigation -Name name.exe -Disable ForceRelocateImages

Disable ASLR by default

1. Search in Windows for: “Windows Defender Security Center”.
2. Click on the second icon from the bottom: “App & browser control”.
3. Scroll to the bottom and click on: “Exploit protection settings”.
4. Set “Force randomization for images” to OFF.