oxasploits

Writing the shortest valid C quine

For a while, I have had a fascination with code poetry (also things like “perl golf”). Elegance is quite beautiful, really. What is a quine? In short, it is a program that prints its own sourc...

Cracking Bitcoin wallet.dat passwords using John

Inspiration This article is inspired by my other article on cracking /etc/shadow hashes with John the Ripper. I’ve seen some people asking about a hot topic these days, bitcoin wallet recovery....

Backdoors embedded along side installers

What is PyInstaller and why do we need it? PyInstaller is basically a binary that includes bundled within: Python, your Python dependencies, your Python scripts, as well as any other binaries (....

Enumerating SUID files targeted for priv esc

Background One of the methods hackers utilize in getting root, or escalating their privileges on a system of some kind, is to exploit system binaries that are set to run as a user other than t...

Lock binaries in memory using vmtouch cache

What does this really accomplish? Our goal here is to first look at reads on everything you commonly use when you use a Linux computer, whether it be common command line utilities, or GUI apps suc...

The importance of autonomous backups

Why do I need backups? The simple answer: You never know when you will need them, but when you need them, you really need them. With the internet rampant with viruses and worms infecting machines...

Anatomy of a hardened Apache2 configuration

Some Suggestions This guide applies to Apache 2.4+. I cover most things here, but anything else is easily found at the Apache2 documentation site. So first I want to suggest that you break up ...

Jekyll minification optimization

Jekyll minify intro So as you can see, I build websites with Jekyll static site generator a lot. The problem with this is the jekyll implementation is usually used on GitHub for internal sites,...

Chipmonk with NUT to event script power outages

Ah, shit. The power went out. So you just found the key, almost have the exploit at a PoC state where it fin… Wait what? The power went out! You just lost your last 10 minutes in between commit...

Bypass with SQLi, PHP, XPath, and LDAP injection

Introduction to Authentication and Authorization One of the most obvious things we as hackers need to do is bypass authentication methods. As authentication and authorization are different, you ...

Deliverance Fuzzing File Descriptors

File Descriptors A file descriptor identifies where a file is opened in a computer system’s memory. File descriptors are most commonly used for reading and writing to files, usually on disk. The...

Cracking hashed passwords with John the Ripper

A John the Ripper tutorial So… you have finally rooted the server and acquired the coveted /etc/shadow file. You want to reassure your access later on. What do you do now? If installing a root...