Boschko Security Blog

NorthSec 2022 CTF Shiitakoin Exchange Solution

Unintended solution to "Shiitakoin Exchange" web challenge centred around an unusual scientific notation bug in MySQL

Using NVIDIA's leaked certificate to improve anti-kill

Quick little article on how to leverage Nvidia's certificates to lower payload detection in unsophisticated environments. Your implants definitely shouldn't rely on this technique. However, it's nice to see the detection difference from VirusTotal. Little back story on this. In early 2022 Lapsus$ group leaked a bunch of Nvidia's internal

Web

Hijacking League of Legends Accounts

A tale of stealing from Chinese boosters & their win-trading accounts.

ATM Hacking

ATM/Kiosk Hacking

Solving the ATM/Kiosk hacking challenges from Positive Hack Days Payment Village.

Reverse Engineering

The Braindead Buffer Overflow Guide to Pass the OSCP Blindfolded

OSCP / eCPPT braindead buffer overflow guide

Windows Internal

Cobalt Strike Process Injection

Discussing the various methods that Cobalt Strike uses to perform process injection.

Penetration Test

From Default Printer Credentials to Domain Admin

The tail of a Xerox pass-back-attack. How to exploit trust relationships between devices that are generally considered benign.

Reverse Engineering

QueryFullProcessImageNameW Under-the-Hood - Reversing NtQueryInformationProcess

How a path across processes can be obtained from PEB's LDR linked list through QueryFullProcessImageNameW under the hood.

Windows Internal

Dynamically Retrieving System Call (syscall) Leveraging PTEs

Locate instantiated PTE by leaking the base address and dynamically using read primitive to retrieve the syscall id.

Hardware Hacking

Thanks Fo' Nut'in - Hacking YO's Male Fertility Sperm Test

Thanks Fo' Nut'in - Tearing down a medical IoT device & obtaining a root shell 3 different ways.

Windows Internal

Direct System Call (syscall) Process Injection to Avoid Anti-Kill

Quick n’ Dirty syscall process injection

Hardware Hacking

NorthSec 2021 Badge Writeup

[Hardware Hacking] Solving all 10 flags + easter eggs within the NorthSec 2021 CTF badge.