csuttles (⌐■_■)

Memento Mori

I see a lot of high quality content from the people that put on Nahamcon so I was excited to participate in the CTF. I didn't get as much time to spend on it as I hoped, but I did get a chance to do the scripting challenge "Rotten". I found a good write up for this challenge which is basically the same approach but with pwntools: https://github.com/csivitu/CTF-Write-ups/tree/master/NahamCon%20CTF/Scripting/Rotten The code for this walkthrough is here: https://github.

It's been a while since I posted a writeup, and a machine I really enjoyed was recently retired from hackthebox.eu, so here's a walkthrough of Forest. Recon I always start a hackthebox.eu machine by adding the hostname to my /etc/hosts. Here's the output of nmap -sV -O -A -T5 -p- forest [*] Nmap: Nmap scan report for 10.10.10.161 [*] Nmap: Host is up (0.068s latency). [*] Nmap: Not shown: 65511 closed ports [*] Nmap: PORT STATE SERVICE VERSION [*] Nmap: 53/tcp open domain?

I finally got on hackthebox.eu after wanting to go for it for a while. Over the holiday break I leaned in and was able to successfully own 13 machines in 17 days, and achieve the rank of "Pro Hacker". I learned a lot about attacking and defense over the last couple of weeks, and the lessons learned have already paid dividends when I returned to work (at my job that is not InfoSec).

After all the fun I've had doing vulnhub boxes with my friends, I wanted to try to solve one by myself to switch things up a bit. I downloaded DerpNStink: 1 from vulnhub, and got to work. Author Blurb Difficulty: Beginner Description: Mr. Derp and Uncle Stinky are two system administrators who are starting their own company, DerpNStink. Instead of hiring qualified professionals to build up their IT landscape, they decided to hack together their own system which is almost ready to go live.

I got together with my buddies, and we did another "boot to root" Vulnhub box. This time, we did "Wallaby's: Nightmare (v1.0.2)" Author Blurb This is my first boot2root machine. It's beginner-intermediate level. It's been tested in VBox and VMware and seems to work without issues in both. A tip, anything can be a vector, really think things through here based on how the machine works. Make a wrong move though and some stuff gets moved around and makes the machine more difficult!

A few friends and I have been getting together to play around with Pentesting, and one of our recent adventures was HackInOS from Vulnhub. Here's the author's description of this vulnerable machine: HackinOS is a beginner level CTF style vulnerable machine. I created this VM for my university’s cyber security community and all cyber security enthusiasts. I thank to Mehmet Oguz Tozkoparan, Ömer Faruk Senyayla and Tufan Gungor for their help during creating this lab.