Smashing the z/OS LE “Daisy” Chain for Fun and Cease and Desist letters (GUEST POST)

The following is a cross-post from REDDIT, reposted here with permission from the author  @_Ciq (twitter)  –  Excellent write-up!!! -BeS <Big wall of text trigger warning.> Over the past few months I’ve been becoming increasingly interested in the CTF concept; finding (purposely built) flaws in software and exploiting them so that arbitrary code can be… Continue reading Smashing the z/OS LE “Daisy” Chain for Fun and Cease and Desist letters (GUEST POST)

The reverse shell

A much slimmer and simpler complement to the bind shell.  Come see my talk at Derbycon this Saturday 5:30pm at  and learn about how you (yes you) can put this to use in your pentests! This version does not have a built-in EBCDIC encoder/decoder like the bind shell below.   The client (or framework??) is responsible for… Continue reading The reverse shell