zacheller@home:~/blog$

  • Workshop - Shall we play a game?

    On Friday, February 7, I ran a workshop for STL 2600 at Arch Reactor. I conducted a guided walkthrough of OverTheWire’s Bandit, a CTF game designed to teach the essential skills for competing in more advanced CTF games. We went through the challenges as a group and played Bash golf...

  • TryHackMe - LazyAdmin

    Connect with OpenVPN for access to server at 10.10.108.85. Enumeration Let’s scan with nmap, but save it to a metasploit db. msfdb reinit msf5 > db_nmap -sV 10.10.108.85 Port 22 (SSH) and Port 80 (HTTP) are open. No credentials, so let’s check out the website being hosted. It’s a default...

  • Webinar - Shellcode for the Masses

    Shellcode for the Masses - Presented by John Hammond - EH-Net - Jan 29, 2020 Ethical Hacking Breakdown Pentesting Network WebApp Mobile Red Teaming Physical SE Forensics System, OS Network Incident Response Threat Hunting Adv Sim Dev Exploit RE What is Shellcode? Code that will return a remote shell when...

  • RiceTeaCatPanda CTF - Writeup

    CTF location: riceteacatpanda.wtf Cryptography Title: Don’t Give The GIANt a COOKie Description: It was just a typical day in the bakery for Delphine. She was preparing her famous chocolate cake, when all of a sudden a GIANt burst through the doors of her establishment and demanded a cookie. Being the...

  • TryHackMe - blue

    Enumeration IP: 10.10.61.181 $ nmap -sV 10.10.61.181 Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-09 16:27 EST Nmap scan report for 10.10.61.181 Host is up (0.16s latency). Not shown: 991 closed ports PORT STATE SERVICE VERSION 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 445/tcp open...

  • TryHackMe - RP-Metasploit

    ## Initializing... Initialize the database with: $ msfdb init We can view some of the advanced options we can trigger for starting the console using the command: $ msfconsole -h Quiet start $ msfconsole -q Check that we’ve connected to the database > db_status msf5 uses postgresql. Rock ‘em to...

  • Meetup - STL 2600 + DC314 Lightning Talks

    Topic Notes ZeroNet developer gave a demo and talk about the tech behind decentralized websites Making Aliases Dont make something up (we are bad at random) Pick a favorite character (not a main character) Let the internet fill in the blanks If asked about your name, practice “Michael Bolton” Create...

  • Vulnhub - Nullbyte 1

    Scanning and Enumeration DHCP Server: 10.10.10.1 Attacker-Kali: 10.10.10.2 NullByte: 10.10.10.3 $ nmap -sV 10.10.10.3 Nmap scan report for 10.10.10.3 Host is up (0.00027s latency). Not shown: 997 closed ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.10 ((Debian)) 111/tcp open rpcbind 2-4 (RPC #100000) 777/tcp open ssh OpenSSH...

  • Defend The Web - Crypt

    Crypt 1 / Crypt $ echo " tpyrcoow :ssap siht retne level siht etelpmoc oT .rewop niarb fo tol a yolpme ot deen lliw uoy ,cigol dna noitpyrced tuoba lla era slevel esehT .sihtkcah no slevel tpyrc eht ot emoclew ,olleH" | rev Hello, welcome to the crypt levels on...

  • Vulnhub - Kioptrix 1

    Setup DHCP Server assigns VM the IP: 10.10.10.4 $ git clone https://github.com/heltonWernik/OpenLuck /opt/OpenLuck $ cd $_ $ mv OpenFuck.c LuckLocal.c # for courtesy ;) $ gedit LuckLocal.c Minor edits to LuckLocal.c, which you can see in my OpenLuckLocal repo $ apt install libc6-dev-i386 $ gcc LuckLocal.c -o open -lcrypto $...