Tag: python
-
Defhawk CTF Writeup – NextJS Middleware Bypass
In this article, I will walk you through a CTF that simulates the NextJS middleware bypass vulnerability described in CVE-2025-29927. I will also discuss a simple Python POC that Google Gemini wrote for me. This helped me understand the vulnerability and find the flag. CTF Description https://defhawk.com/battleground/raid/appliedoffsecandwebsecurity/fakeestate The CTF link provides the following description: “You…
-
Recmos Rat Basic Analysis Using BinaryRefinery
As part of my malware analysis learning journey, I came across this interesting analysis by @Cryptoware at https://www.youtube.com/watch?v=YPQuru6RISo&ab_channel=CryptoW%40re. The analyst uses the regular-expression-based find-and-replace feature of SublimeText to de-obfuscate a RemcosRat malware sample (Windows BAT file variant). The BAT file has 2 components – a part obfuscated in Arabic text and another base…
-
Finding the PE Magic header using Windbg
I have been learning Windbg lately and trying to apply what I have learnt via simple experiments on Windows files. Here is how I was able to extract the magic header – MZ – of an EXE image. After opening the binary in Windbg, first, let's get the image base address using lm (load modules). The…
-
TryHackMe Basic Malware RE -Strings::Challenge 3
Introduction This series of posts provides a writeup of the tools and methods I used to crack the Malware RE samples listed in the following THM Room – https://tryhackme.com/r/room/basicmalwarere. In this writeup, we look at the 3rd challenge (Strings3). I am a malware RE newbie and these methods are by no means the best way…
-
TryHackMe Basic Malware RE -Strings::Challenge 2
Introduction This series of posts provides a writeup of the tools and methods I used to crack the Malware RE samples listed in the following THM Room – https://tryhackme.com/r/room/basicmalwarere. In this writeup, we look at the 2nd challenge (Strings2). I am a malware RE newbie and these methods are by no means the best way…
-
TryHackMe Basic Malware RE -Strings::Challenge 1
Introduction This series of posts provides a walkthrough of the tools and methods I used to crack the Malware RE samples listed in the following THM Room – https://tryhackme.com/r/room/basicmalwarere. I am a malware RE newbie and these methods are by no means the best way to crack the samples and find the flag. Comments and…