zacheller@home:~/blog$

  • TryHackMe - Google Dorking

    Ye Ol’ Search Engine “Search Engines” such as Google are huge indexers – specifically, indexers of content spread across the World Wide Web. They use “Crawlers” or “Spiders” to search for this content across the World Wide Web. Let’s Learn About Crawlers The diagram below is a high-level abstraction of...

  • pwnable.kr - collision

    Prompt Daddy told me about cool MD5 hash collision today. I wanna do something like that too! ssh col@pwnable.kr -p2222 (pw:guest) Solution We are given 3 files: col, col.c, and flag. We cannot open flag, but can read col.c and run the executable. #include <stdio.h> #include <string.h> unsigned long hashcode...

  • CNSS Certified Network Security Specialist

    The International Cybersecurity Institute (ICSI) had an free offer on their Certified Network Security Specialist course due to COVID, so I thought I’d take advantage. I finished the course in about a week and took a bunch of notes which you can find on SecWiki. My certificate of completion can...

  • Vulnhub - DC: 1

    Here’s a walkthrough for the first VM in the DC Vulnhub series. Enumeration nmap $ portscan 10.10.10.5 Open ports: 22,80,111,44029 Starting Nmap 7.80 ( https://nmap.org ) at 2020-08-11 15:21 EDT Nmap scan report for devel.htb (10.10.10.5) Host is up (0.00031s latency). PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.0p1...