Leet Sheets

OffSec - Bunyip

In this lab, we’ll exploit an MD5 length extension vulnerability in a web application to gain initial access. From there, we’ll escalate privileges by abusing sudo permissions on safe-backup. We’ll encrypt our own SSH key backup and cleverly decrypt it directly into the /root/.ssh directory, effectively compromising the target.

OffSec - vmdak

This walkthrough covers the exploitation of an intermediate Linux box in Proving Grounds, focusing on a multi-step process to gain root access. Key techniques include FTP access, SQL injection, and privilege escalation through local vulnerabilities, culminating in root shell access via Jenkins exploitation.

OffSec - BillyBoss

This walkthrough covers an intermediate-level box, "BillyBoss," from OffSec’s labs, rated as "Very Hard" by the community. It begins with enumeration using Nmap and Gobuster, leading to an exploit of a web application’s file upload functionality. Privilege escalation is achieved by leveraging Active Directory credentials and specific system privileges, ultimately gaining root access. Techniques include directory fuzzing, reverse shell creation, hash cracking, and privilege abuse.

OSTH Practice Exam Write-up

This content outlines a cybersecurity breach at "megacorpone.com," detailing an escalating series of incidents. It begins with unauthorized RDP access, followed by suspicious C2 communications, tool execution for network mapping, persistence on a file server, data exfiltration, and final C2 activity. The timeline suggests a significant breach with sustained unauthorized access and potential data loss.

OffSec - PlanetExpress

This walkthrough demonstrates the exploitation of a **PlanetExpress** server. It begins with **Nmap** and **ffuf** scans to identify open ports and hidden directories, leading to access via a **PHP-FPM FastCGI** vulnerability. Using remote code execution, the attacker gains a reverse shell and escalates privileges by exploiting a misconfigured **SUID binary** to access root credentials. The root password is then cracked with **John the Ripper**, completing the attack. The guide highlights key penetration testing tools and tactics for server exploitation and privilege escalation.

Hack-The-Boo-2024 Practice CTF: The Shortcut Haunting Write-up

Investigating the hidden dangers of Windows shortcut files with in-depth analysis of the 'trick or treat.lnk' file. Discovering how attackers use .lnk files to launch malicious PowerShell commands, obfuscate payloads, and compromise systems. This challenge writeup includes a hex dump breakdown and decryption insights, ideal for cryptography enthusiasts.

Hack-The-Boo-2024 Practice CTF: Sugar Free Candies Write-up

Uncover the secrets in the 'Sugar Free Candies' HackTheBoo 2024 CTF challenge! Dive into a cryptic journey where symbol-etched cyber candies and mysterious code lead you through a shadowy forest. Perfect for cryptography enthusiasts and those seeking a spooky twist on code-breaking this Halloween!

Hack-The-Boo-2024 Practice: Sekur Julius Writeup

Discover the Sekur Julius Halloween cryptography challenge! Dive into a mysterious forest where an ancient scroll holds dark secrets. Uncover clues in encrypted messages, navigate spooky symbols, and test your skills in Hack the Box's 'Very Easy' crypto challenge. Perfect for both beginners and enthusiasts looking for a Halloween thrill!

OffSec Module: Malware Detection using Machine Learning

This guide outlines the process of building an ML-based malware detection system, emphasizing supervised learning for binary classification, careful sample handling, feature extraction, model training, testing, deployment, and ongoing updates to maintain accuracy.

Hunting on Endpoints: Insights from OffSec TH-200 Course module 5 Section 1

In an era of increasing cyber threats, endpoint threat hunting enables proactive identification of malicious activities on devices, focusing on Indicators of Compromise (IoCs) such as network-related, file-related, and behavioral IoCs. Logs, especially enhanced by Sysmon, are vital for uncovering suspicious behavior. Modern security relies on Endpoint Detection and Response (EDR) solutions that offer deep insights and active threat response capabilities, surpassing traditional antivirus tools.

Threat Hunting With Network: Insights from OffSec TH-200 Course module 4

This write-up details the investigation of a ransomware incident involving CLIENT02, focusing on network artifacts such as IDS logs and Splunk queries to identify IoCs related to LockBit ransomware. The process involves using threat intelligence tools to analyze destination IPs and full packet captures with Wireshark, aiming to track down the origin of the attack.

Communication and Reporting for Threat Hunters: Insights from OffSec TH-200 Course module 3

In OffSec TH-200 Module 3, the importance of timely intelligence and effective communication in threat hunting is highlighted. Key concepts include leveraging Operational, Tactical, and Technical Threat Intelligence for detecting threats like Emotet, and employing the Traffic Light Protocol (TLP) for secure and controlled information sharing during incidents to prevent data breaches.

Ransomware Actors and Their Strategies: Insights from OffSec TH-200 Course module 2 section 2

Ransomware actors, motivated by financial gain, utilize tactics like phishing, exploiting vulnerabilities, and Initial Access Brokers to infect systems. The Ransomware-as-a-Service model enables lesser-skilled criminals to profit from these attacks. The attack process includes encryption, ransom demand, and payment typically in cryptocurrency. Modern strategies include double and triple extortion, combining data encryption with data theft to pressure victims.

Understanding Threat Actors: Insights from OffSec TH-200 Course module 2 section 1

In OffSec TH-200 Module 2, Section 1, key cybersecurity threat actors are explored, including cybercriminals like script kiddies, hacktivists, and ransomware groups, as well as sophisticated APTs and insider threats. Each group possesses distinct motivations and impacts on organizations, necessitating robust defense strategies.

Threat Hunting Concepts and Practices - Insights from OffSec TH-200 Course module 1

Module 1 of the OffSec TH-200 course covers threat hunting in cybersecurity, focusing on proactive detection of threats as opposed to reactive SOC alerts. Threat hunting is categorized into in-house teams and third-party services, which enhance security by offering various detection solutions. The Threat Hunting Maturity Model outlines five levels of implementation based on data collection and analysis sophistication. Effective threat hunting consists of triggering a hypothesis, investigating, and resolving threats.

TryHackMe - Practical Example of OS Security Writeup

The objective of the task was to simulate hacking into a Linux system. We gained unauthorized access using the username and password found on a sticky note. We answered questions about passwords and escalated our privileges to the root account. This exercise highlighted vulnerabilities and provided practical experience in penetration testing techniques.

PicoCTF - Shark on Wire 1

The author analyzes a challenge called Shark on Wire 1 in picoGym related to Wireshark. By using filters and tools like ChatGPT, the author explores the pcap file and identifies TCP/UDP streams. After trying different stream indices, the author discovers a flag in stream 6. The flag is accepted when submitted.

PicoCTF - trickster

The picoCTF 'trickster' challenge involves uploading PNG files to a web application. After successfully uploading a PNG image, the user discovers that the site validates file types based on magic bytes. Exploring the server reveals an uploads directory, prompting the user to exploit the upload functionality by editing the file's hex bytes to insert PHP web shells disguised as PNG files. The author details the steps taken to bypass validations and discusses decoding PNG encoding.

PicoCTF - SOAP

The picoCTF challenge 'SOAP' focused on exploiting an XXE vulnerability. Initial reconnaissance reveals a static interface with buttons triggering XML-based interactions. Analysis in Burp Suite confirms the presence of XML input, which was manipulated to inject an XXE payload, successfully revealing the flag.

RogueWave Kali pitail Accessory: Embrace the Rogue Within

Introducing the RogueWave Hack Tail Accessory, the ultimate portable pentesting tool with WiFi and Bluetooth capabilities, dual power options, and seamless connectivity. Ideal for capturing packets, managing IoT devices, and executing remote operations using apps like ConnectBot and Termius. With 512 MB RAM, it supports advanced hacking tasks while blending into any environment.