The Final Countdown….with pwntools!

Soooo I fell over my own timetable this weekend. Didn’t get a chance to post any blog stuff or even my writeup for NetMon (which will be up tomorrow just in case you haven’t read enough of them). I got a bit engrossed in a box on HTB, its called Ellingson, and I can’t reccommend it enough!

Easily one of the most enjoyable boxes for me I think in a little while. I wont spoil anything but there is a tool that made my life easier….pwntools. Check out the documents for it and take it for a spin. I will go into a bit more detail on what I did with it when Ellingson is retired. Basically its a python tool, install it and its pre reqs and import it in your scripts to make use of its features. There are some command line functions, like making exploit templates that are handy outside of scripting. It makes things much easier when coding custom exploits or even executing simple commands via SSH across hosts or working with vulnerable CTF style binaries on remote ports. The possibilities seem pretty endless. Having only started working with it this weekend I have had to pull myself away from it really to get on with other things! So hats off to the creator, I feel I have hardly scratched the surface of what it can do, so its way up my list on things to test and work with post OSCP, I didn’t realise binary exploits could be so fun but I blew pretty much two whole days reading into these, there are so many different ways of doing things instead of the shell code buffer overflow, so much more to learn!!! So binary exploit loving aside back to the prep for OSCP….

Having crammed all last week going over various topics and brushing up on some retired boxes on HTB along with a few ITPRO.tv videos (again would really reccomend ITPRO.tv, they have some great courses for a very cheap price compared to other platforms and are useful for a quick review on topics and for deep dives on new topics) on some linux and windows command line tips and a fly through some of the ethical hacker courses on there, im feeling a bit more relaxed. I’ve come to the conclusion I can’t really cram much more before I start. I think its just going to be a case of hitting the labs and material running on Sunday and see what happens. Doing HTB machines, coding and reading daily however I think over the last few weeks has got me in the right mindset and I just want to get going now! I will post up Netmon and my initial material impressions about the course this week! Check out Ellingson in the meantime!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s