Extra, extra! Interesting stuff found on the internet in the past week!

This week really kicked off some awesome work on format string vulnerabilities! First, leonjza shows the process of writing an format string exploit in visual form. Next, c0ne made a great script to help with the tedious work that is involved when exploiting format strings.

I came across this technique for hiding bind shells by @BorjaMerino. I wonder if it is possible to port this to Linux…

To combat holiday boredom, a new VM was released on Vulnhub the other day, named Pegasus by Knapsy. It’s a very fun and tricky VM, I recommend it!

Super useful, something I have seen before, but then I lost the link: Use the Unofficial Bash Strict Mode (Unless You Looove Debugging) by Aaron Maxwell aka redsymbol.

Lastly, I always enjoy writeups about breaking botnet panels. This one by Malware Tech is quite entertaining.

I’d like to make this a recurring thing. Let me know what you think about it!