Nahamcon CTF

Nahamcon CTF

Saturday, Jun 13, 2020

@ Chris Suttles

I see a lot of high quality content from the people that put on Nahamcon so I was excited to participate in the CTF. I didn't get as much time to spend on it as I hoped, but I did get a chance to do the scripting challenge "Rotten". I found a good write up for this challenge which is basically the same approach but with pwntools: https://github.com/csivitu/CTF-Write-ups/tree/master/NahamCon%20CTF/Scripting/Rotten The code for this walkthrough is here: https://github.
Hugo on Netlify

Hugo on Netlify

Monday, Jun 1, 2020

@ Chris Suttles

Hello from Hugo! on Netlify I was running my blog on AWS for a long time, and using Ghost to serve my content. That was nice for a while, but I had a lot of features I didn't care about and I felt as it grew it started to get too "wordpressy". I don't want a thousand widgets and WYSIWYG nonsense. I want an easy way to publish content, preferably via markdown.
Extending the Azure Batch Python Quickstart

Extending the Azure Batch Python Quickstart

Saturday, May 23, 2020

@ Chris Suttles

What is this? This is a fun little project I did to try to take some a simple Azure Quickstart post and enhance it to do something a little more (?:interesting|useful|realistic). Challenge yourself Can you accomplish the end goal of this lab without looking at the solution? If you looked at the solution and ran it, can you change it to make it do something else, like transcode videos or one of the other common uses of batch?
Black Hat Python

Black Hat Python

Friday, Apr 17, 2020

@ Chris Suttles

I've been reading and coding my way through the book "Black Hat Python" by Justin Seitz and really enjoying it. I'm only about halfway through it s far, but I've enjoyed it so much I wanted to share my experience so far. csuttles/ctlfish Tooling and dev doodles related to my activities on hackthebox.eu and other ethical hacking endeavors. - csuttles/ctlfish csuttles GitHub You can find the code corresponding to this post in the 'net' directory of this repo Checkpoint - Where am I now?
Forest

Forest

Friday, Mar 27, 2020

@ Chris Suttles

It's been a while since I posted a writeup, and a machine I really enjoyed was recently retired from hackthebox.eu, so here's a walkthrough of Forest. Recon I always start a hackthebox.eu machine by adding the hostname to my /etc/hosts. Here's the output of nmap -sV -O -A -T5 -p- forest [*] Nmap: Nmap scan report for 10.10.10.161 [*] Nmap: Host is up (0.068s latency). [*] Nmap: Not shown: 65511 closed ports [*] Nmap: PORT STATE SERVICE VERSION [*] Nmap: 53/tcp open domain?
HackTheBox

HackTheBox

Saturday, Jan 11, 2020

@ Chris Suttles

I finally got on hackthebox.eu after wanting to go for it for a while. Over the holiday break I leaned in and was able to successfully own 13 machines in 17 days, and achieve the rank of "Pro Hacker". I learned a lot about attacking and defense over the last couple of weeks, and the lessons learned have already paid dividends when I returned to work (at my job that is not InfoSec).
Packet Captures and DNS

Packet Captures and DNS

Wednesday, May 15, 2019

@ Chris Suttles

Overview During troubleshooting, you might find it useful to determine what is happening on the wire. While tcpdump is a great tool for capturing packets, it's does not offer the same level of filtering capability as tshark. While it may be easier to simply copy a capture file locally and use wireshark, sometimes restrictions prevent this approach. Capture and Save with tcpdump Capturing and saving to disk is my favorite way to review wire traffic.
DerpNStink: 1

DerpNStink: 1

Wednesday, May 8, 2019

@ Chris Suttles

After all the fun I've had doing vulnhub boxes with my friends, I wanted to try to solve one by myself to switch things up a bit. I downloaded DerpNStink: 1 from vulnhub, and got to work. Author Blurb Difficulty: Beginner Description: Mr. Derp and Uncle Stinky are two system administrators who are starting their own company, DerpNStink. Instead of hiring qualified professionals to build up their IT landscape, they decided to hack together their own system which is almost ready to go live.
Wallaby's: Nightmare (v1.0.2)

Wallaby's: Nightmare (v1.0.2)

Sunday, May 5, 2019

@ Chris Suttles

I got together with my buddies, and we did another "boot to root" Vulnhub box. This time, we did "Wallaby's: Nightmare (v1.0.2)" Author Blurb This is my first boot2root machine. It's beginner-intermediate level. It's been tested in VBox and VMware and seems to work without issues in both. A tip, anything can be a vector, really think things through here based on how the machine works. Make a wrong move though and some stuff gets moved around and makes the machine more difficult!
HackInOS Boot to Root

HackInOS Boot to Root

Friday, Apr 26, 2019

@ Chris Suttles

A few friends and I have been getting together to play around with Pentesting, and one of our recent adventures was HackInOS from Vulnhub. Here's the author's description of this vulnerable machine: HackinOS is a beginner level CTF style vulnerable machine. I created this VM for my university’s cyber security community and all cyber security enthusiasts. I thank to Mehmet Oguz Tozkoparan, Ömer Faruk Senyayla and Tufan Gungor for their help during creating this lab.

Social Links