Reverse engineer a chat program and write a script to exploit a Windows machine.

Nmap scan:

nmap -sC -sV -Pn -T4 10.10.175.210 --disable-arp -oX chatserver_nmap.xml

  • -sC = default script scan
  • -sV = version scan
  • -n = disable DNS resolution
  • -T4 = aggressive timing

The first step is to download chatserver.exe and essfunc.dll from the target machine over FTP to your local machine for debugging.

On your local machine, open Immunity Debugger as Administrator, attach chatserver.exe, and press F9 to run the program.

Check how the application behaves using netcat. …

About

Clarence Subia

Experienced Network Security Engineer with a demonstrated history of working in the field of IT security industry.
