Reverse shell on AIX 7.2

( Original text by astr0baby ) The current msfvenom (metasploit) payloads for AIX are aged and do not work on AIX systems anymore.  Here is an example of what is available right now # ./msfvenom -l payload | grep aix aix/ppc/shell_bind_tcp Listen for a connection and spawn a command shell aix/ppc/shell_find_port Spawn a shell on an […]

Read More

Java Deserialization — From Discovery to Reverse Shell on Limited Environments

( Original text by By Ahmed Sherif & Francesco Soncina ) n this article, we are going to show you our journey of exploiting the Insecure Deserialization vulnerability and we will take WebGoat 8 deserialization challenge (deployed on Docker) as an example. The challenge can be solved by just executing sleepfor 5 seconds. However, we are going to move further for fun and try to […]

Read More

Linux Privilege Escalation via Automated Script

( Original text by Raj Chandel ) We all know that, after compromising the victim’s machine we have a low-privileges shell that we want to escalate into a higher-privileged shell and this process is known as Privilege Escalation. Today in this article we will discuss what comes under privilege escalation and how an attacker can identify that […]

Read More

Undetectable C# & C++ Reverse Shells

Index Attacks list: Open a simple reverse shell on a target machine using C# code and bypassing AV solutions. Open a reverse shell with a little bit of persistence on a target machine using C++ code and bypassing AV solutions. Open C# Reverse Shell via Internet using Proxy Credentials. Open Reverse Shell via C# on-the-fly compiling […]

Read More