CVE-2022-4510

Writeup of the room called "Pilgrimage" on HackTheBox done for educational purposes.

Pilgrimage As a first step I ran a quick scan with nmap on all available ports $ sudo nmap -sS -Pn --max-retries 1 --min-rate 20 -p- 101011219 [sudo] password for kali: Starting Nmap 793 ( nmaporg ) at 2023-09-15 15:01 CEST Warning: 101011219 giving up on port because retransmission cap hit (1) Nmap scan report for 101011219 Host is up (0042s latency) N

Python script that generates pfs payloads to exploit CVE-2022-4510

BadPfs Python script that generates pfs payloads to exploit CVE-2022-4510 Simply create a pfs payload using the script When binwalk is run with -e on the payload, a file can be overwritten with the permission of binwalk This example will overwrite /etc/sudoers with the contents of /data when it is opened with -e through binwalk This is a great way to privesc # python3 BadP

天问之路

天问之路 虽然没有进入知识星球，但我也很向往这样的记录。在此会记录我自己的“天问之路” 第一周（20231225-20231231） 主要任务：学习Win32编程，Shellcode，Anti-sandbox 先熟悉了一下Win32的API，看了官方文档的桌面向导案例制作一个窗口应用(比c#实现复杂) 弄了一下按钮的实现

A Python script for generating exploits targeting CVE-2022-4510 RCE Binwalk. It supports SSH, command execution, and reverse shell options. Exploits are saved in PNG format. Ideal for testing and demonstrations.

CVE-2022-4510-Binwalk This script allows you to generate exploits for targeting CVE-2022-4510 Binwalk vulnerabilities The exploits can be used for testing and demonstrations The supported options include SSH, command execution, and reverse shell Prerequisites Python 3x Usage Clone the repository or download the script file Run the script with the desired options The av