Category Archives: Exploit

VulnHub Proteus Solution

For background information on this series of CTFs you may want to read this page. Or if you're just after my solution please keep reading. Proteus Intro An Easy / Intermediate level CTF from https://twitter.com/viljoenivan This one takes on the appearance of a corporate malware analysis platform, and the description suggests we cannot simply compile a kernel exploit to get root… Read more »

VulnHub DonkeyDocker Solution

For background information on this series of CTFs you may want to read this page. Or if you're just after my solution please keep reading. Donkey Docker Intro An Easy / Intermediate level CTF from @dhn_ Link – https://www.vulnhub.com/entry/donkeydocker-1,189/ Difficulty – Easy / Intermediate My Solution As always we start with an nmap scan. root@kali:~/Desktop/setec-vpn# nmap -p- -sV -A 192.168.5.60 Starting Nmap 7.40… Read more »

Solving the SANS 2016 Holiday Hack Challenge

tldr; SANS released the 2016 Christmas Holiday Hack Challenge. This serves as my official submitted answer, and my offering to you, dear reader, in case you want to see how I approached the challenges. So settle in, this is going to be a long post. At the time of writing the challenge is still live and SANS typically keep the servers… Read more »

USB Rubber Ducky and a New ToolKit

USB Rubber Ducky The USB Rubber Ducky is a product designed and sold by Hak5. Essentially it's a USB keyboard without any keys that you can pre-program a set of keystrokes onto. When the device is plugged in, it's installed as a generic keyboard and will then type whatever you have scripted it to use. Duck Code Duck code is how… Read more »

Security Onion – Command Injection Vulnerability

I recently needed to deploy an IDS and full packet capture on a small network. Fortunately the open source community has had such a thing for a while: Security Onion, a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other… Read more »