oxasploits.com | oxasploits

A quick walkthrough of how to crack hashed passwords with John the Ripper

So you’ve acquired a shadow file So… you have finally rooted the server and acquired the coveted /etc/shadow file. You want to reassure your access later on. What do you do now? If installing a...

Password cracking wordlists reprise

Intro These wordlists are some of my favorite to use for password cracking. Generally the larger the wordlist the longer it will take to crack a password, but the higher probability it will be i...

Site wide release of my semi-private exploit archive

What is in this dump? All of these exploits are originally coded by oxagast / Marshall Whittaker. Some of them were already known vulnerabilities that I took and re-evaluated then wrote an expl...

CVE-2019-15947 Bitcoin Core bitcoin-qt crash dumps contain wallets

What is stored in crash dumps? The basic idea behind a crash dump is on abnormal program failure (a fault, or kill signal) the operating system will sometimes (depending on settings) dump core o...

Fuzzing network services with Fuzzotron and Radamsa modified pcap testcases

What’s Da Fuzz One method of finding unknown vulnerabilities is simply shooting a bunch of trash data at a program to see how it reacts, and trapping any error codes. We can fuzz TCP or UDP serv...

Crash course in Elasticsearch Logstash and Kibana log aggregation

Background So sometimes it’s great to be able to take loads of data and condense them into a visualized queryable form. What I find the technology particularly useful for, since I run things u...

An Intermediate Iptables Configuration Walkthrough

Intro The built-in (kernel level) Linux firewall, iptables, can be daunting to attempt to use, however is a simple redirection filter in practice. I have used iptables for everything from securin...

A simple x86_64 stack based buffer overflow exploitation with gdb

Background The basic idea behind a C buffer overflow is pretty simple. You have a buffer, a chunk of memory reserved for the purpose of storing data. To the outside of this on the stack (which ...

Exploit dev and vulnerability researcher for hire!

I am for hire! I am looking for roles in (0-Day and N-Day) exploit dev, vulnerability research, as well as other redteam careers. I know C, C++, Perl, Bash, Ruby, Javascript, Python3, and some x8...

A bash wildcard expansion to arbitrary command line arguments (globbing abuse) whitepaper

Background A lot of my research into bugs goes unfounded, and very seldom do I find a bug by actually looking for it, so much as it was just a typo or something. So when I realized that the wildc...