Wednesday, 30 September 2020

bof steps (using tcm guide)

Below are the rough steps taken to perform a Buffer Overflow using TCM's guide from his Udemy course (although I think he has a guide on YouTube too, not sure if it's the exact same). The idea is to have key steps noted down here for future use if required.
  • Run vulnserver and Immunity Debugger as admin, attach to vulnserver and un-pause.
  • On the attacking machine, connect to vulnserver (e.g. nc -nv 192.168.1.100 9999) to review the available options.

Wednesday, 16 September 2020

Local File Inclusion to RCE

Below are rough notes on a recent HTB machine where a Local File Inclusion (LFI) led to Remote Code Execution and access to the machine.

nmap returned a lot of open ports, and running a directory browser using OWASP ZAP turned up multiple webapps. One app kindly included its version number on the page, which made searching for known exploits very easy.