I was very excited to see the announcement on twitter, that Fusion was going to be released, even if it’s just the first 10 levels. I was a bit bummed, as I didn’t think I’d get to work on it much, until I complete PWB, but I managed to find a little time to at least start it. I …

I recently decided to take Offensive Security’s course, Penetration Testing with Backtrack. I’m now 30 days in, of my 90 day allotment. I figured I would share my impressions and what I’ve learned up to now, without being specific enough to give anything away to future students. …

I’ve read a ton of articles on bypassing Antivirus software when trying to run shellcode on machines. There’s just a ton available. These are just a few examples:

• http://dev.metasploit.com/redmine/projects/framework/wiki/Using_a_Custom_Executable_to_Bypass_AV …

I know there are a few different methods to the new Kioptrix 4 boot2root. Unfortunately, I could not find the remote root exploit that is mentioned, but my method used several tools, and privilege escalation.

Tools used:

• Backtrack 5 VM
• Nmap
• SqlMap

To start out, I had to find the machine on the …

The last in the Net series of Protostar is Net 3. It was of course the most difficult of all of them. However, it still wasn’t too bad.

First, we’re given the following code:

#include "../common/common.c"

#define NAME "net3"
#define UID 996
#define GID 996
#define …

So far, these Net challenges in Protostar have been pretty easy. This challenge, Net 2 got a small bit tougher.

We are given the following code:

#include "../common/common.c"

#define NAME "net2"
#define UID 997
#define GID 997
#define PORT 2997

void run()
{
 unsigned int quad[4]; …