Ekoparty 2022 BFS Windows Challenge
In this blog post, we will solve the Windows userland challenge that Blue Frost Security published for Ekoparty 2022.
In this blog post, we will solve the Windows userland challenge that Blue Frost Security published for Ekoparty 2022.
In the last post we explored how to exploit the rainbow2.exe binary from the vulnbins repository using WriteProcessMemory & the "skeleton" method. Now we are going to explore how to use VirtualProtect and instead of setting up the arguments on the stack with dummy values and then replacing them, we...
In this post I will show an example on how to bypass DEP with WriteProcessMemory. This is a bit more complicated than doing it with VirtualProtect but nonetheless an interesting technical challenge. For the target binary I will use rainbow2.exe from my vulnbins repository.