ITSEC Newsletter 2025-02-13

Author

Henrik Falk
February 13, 2025

Bring Your Own Trusted Binary (BYOTB) - BSides Edition

Recently, I presented a talk on the main stage at BSides London 2024 and the topic I chose to present on was in regards to bringing trusted binaries to a system and using them in an adversarial fashion. This post will cover what I presented and how to use these binaries in detail.

labs.jumpsec.com/bring-your-own-trusted-binary-byotb-bsides-edition

ROPing our way to RCE

The original plan was to target CVE-2018-100881, a buffer overflow vulnerability for which an existing exploit2 only crashes the server but does not gain RCE. But as with most of these journeys, there’s rarely a straight path, and more often than not, adaptation is key. So along the way, I discovered new paths, learned about the ARM architecture, and built a ROP chain that was delivered via a web request and reused the same connection as a shell.

modzero.com/en/blog/roping-our-way-to-rce

Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus

If you’re looking to set up your own lab for practicing offensive and defensive security techniques, this post is for you. In this guide, I’ll walk you through my experience with Ludus and demonstrate how to build a red team lab using this tool—the simplest and most efficient method I’ve discovered so far. The lab will feature an Active Directory environment (using GOAD) integrated with an XDR/SIEM solution (Wazuh).

xphantom.nl/posts/Offensive-Security-Lab