All Posts by Category
NSEC 2020 - Dreamcast
May 19, 2020
Walkthrough of the two Dreamcast challenges from NorthSec 2020. Starting with a quick overview of the Dreamcast architecture then quickly pivoting into analyzing the provided roms follow along as I cover my approach and solution to the challenges.
NSEC 2020 - Crackme
May 18, 2020
Walkthrough of the 6 crackme challenges from NorthSec 2020. With increasing difficulty, and not necessarily with the reversing portion itself, I was able to finish all 6 for my team. Follow along as I step through my solutions and add...
Buffer Overflows - CTF Prep
September 28, 2019
A practical buffer overflow case study presentation to our local red team explaining basic concepts and approaches.
Hack the Box - Registry
April 5, 2020
HTB Registry machine walkthrough. Working with insecure Docker credentials we manage to extract a SSH key and corresponding password crumbs for an initial user foothold. Following that access we find a sqlite file containing Bolt CMS admin credentials. Logging into...
Hack the Box - Sniper
April 4, 2020
HTB Sniper machine walkthrough. From an initial LFI/RFI foothold within the company website, to abusing malicious Windows help files, Sniper presents the story of a disgruntled developer and their middle finger to the Administrator/CEO on their way out. Sniper was...
Hack the Box - Forest
April 3, 2020
HTB Forest machine walkthrough. Forest started with Windows enumeration using SMB and LDAP queries that lead to leveraging a lingering service account with PRE_AUTH disabled for user access. Once on the machine, we were able to abuse the existing Active...
Hack the Box - Postman
March 14, 2020
HTB Postman machine walkthrough. Postman was a quick, simple machine from HTB. We start off with a redis exploit for initial foothold, then pivot to user by using JTR to crack a backup SSH key before finally using an authenticated...
Hack the Box - Bankrobber
March 7, 2020
Starting with a client side XSS exploit to get admin app credentials, then chaining it with a localhost code execution bypass we get a user priviledged shell. A suspicious app running locally as System then presented a ... delicate ......
Hack the Box - Zetta
March 1, 2020
HTB Zetta machine walkthrough. Starting with an FTP FXP IPv6 leak, to an rsync brute-force for user access to the machine. Once on, chained custom syslog messages with a postgres SQL injection to pivot user access. Finally, a dubious password...
Hack the Box - AI
February 4, 2020
HTB AI machine walkthrough. Initial portions were more frustrating than complicated, reminiscent of daily struggles dealing with various home assistants. Once foothold was established priviledged escalation to root involved abusing a java debugging process running locally.
Hack the Box - Bitlab
January 11, 2020
HTB Bitlab machine walkthrough. A fun little box that has us work through gitlab based exploitation. From erroneously stored user credentials, to uploading and merging our own files to the project, to finally exploiting hooks to execute our own code...
Hack the Box - Craft
January 7, 2020
HTB Craft machine walkthrough. A well designed moderate box from HTB that exemplified bad coding practice, sensitive data disclosures and token abuse into root.
Hack the Box - Wall
December 18, 2019
HTB Wall machine walkthrough. An easy Linux machine from HTB that focused on RCE WAF bypass to establish an initial foothold then a direct pivot to root using a vulnerable suid binary.
Hack the Box - Heist
November 30, 2019
HTB Heist machine walkthrough. Credential harvesting and spraying, dumping a running process to capture further credentials and a final credential spray to get Administrator access.
Hack the Box - Chainsaw
November 23, 2019
HTB Chainsaw machine walkthrough. Anonymous ftp connections, smart contract abuse, InterPlanetary File System and cracked password protected ssh private keys for user pivot. A loosely defined SUID file and PATH hijacking for root shell then finally leveraging root.txt's slack space...
Hack the Box - Networked
November 16, 2019
HTB Networked machine walkthrough. Generally discussed as the easiest of the active boxes at time of retirement there is nothing particularly complex with getting to root.
Hack the Box - Jarvis
November 9, 2019
HTB Jarvis machine walkthrough. Jarvis involved a SQL Injection and a web-shell for initial foothold into sudo and filter bypass to User pivot with a final systemctl abuse to pivot into root.
Hack the Box - Haystack
November 2, 2019
HTB Haystack machine walkthrough. A particularly well designed ELK (Elasticsearch, Logstash, Kibana) based machine offering a chance to dig into the full logging stack.
Hack the Box - Safe
October 26, 2019
HTB Safe machine walkthrough. A contentious box from HTB requiring a custom developed ROP (return-oriented programming) exploit tied into cracking a KeepPass database.
Hack the Box - Ellingson
October 19, 2019
HTB Ellingson machine walkthrough. Web enumeration and python console abuse for initial foothold, finding sensitive backup files and hashcat cracking for User pivot, finally into a ROP based overflow exploit for root priviledge escalation.
Hack the Box - Writeup
October 12, 2019
HTB Writeup machine walkthrough. A relatively easy with an 'out-of-the-box' CMS exploit for User priviledges and an interesting login behavior abuse to pivot to root from there.
IBM Quantum Challenge 2020
May 9, 2020
Overview and walkthrough of the IBM 4th anniversary Quantum Challenge excercises and my solutions.
Quantum Computing - Hello World
February 9, 2020
An introductary look into Quantum Computing including the mechanics, concepts and mathematics involved. The focus will then shift to a practical implementation of these concepts using simulated environments and the qiskit python framework.