Using kali in lxc container the easy way

I bought a refurbished thinkpad x260 and the bios locked with the seller can not supply the password. Since I need at least a seperated kali for pentesting and used virtual box until today, I would need virtualization enabled. Which wasn’t unfortunately. So I am exploring ways to use kali as a lxc container. A … Read moreUsing kali in lxc container the easy way

Finally Brainfuck, a THM writeup of BlobBlog

Well it was anno 1998 when an older friend showed me the brainfuck programing language and what I took from this evening was, that such creepy codes are what’s needed for getting into hacking. That made me stay away from really digging into hacking until 20 years later. +[—>++<]>+.+++[->++++<]>.—.+++++++++.-[->+++++<]>-.++++[->++<]>+.-[->++++<]>.–[->++++<]>-.-[->+++<]>-.–[—>+<]>–.+[—->+<]>+++.[->+++<]>+.-[->+++<]>.-[—>++<]>+.–.—–.[->+++<]>.————.+[—–>+<]>.–[—>+<]>.-[—->+<]>++.++[->+++<]>.++++++++++++.———.—-.+++++++++.———-.–[—>+<]>—.+[—->+<]>+++.[->+++<]>+.+++++++++++++.———-.-[—>+<]>-.++++[->++<]>+.-[->++++<]>.–[->++++<]>-.——–.++++++.———.——–.-[—>+<]>-.[->+++<]>+.+++++++++++.+++++++++++.-[->+++<]>-.+[—>+<]>+++.——.+[—->+<]>+++.-[—>++<]>+.+++.+.————.++++++++.-[++>—<]>+.+++++[->+++<]>.-.-[->+++++<]>-.++[–>+++<]>.[—>++<]>–.+++++[->+++<]>.———.[—>+<]>–.+++++[->+++<]>.++++++.—.[–>+++++<]>+++.+[—–>+<]>+.———.++++.–.+.——.+++++++++++++.+++.+.+[—->+<]>+++.+[->+++<]>+.+++++++++++..+++.+.+[++>—<]>.++[—>++<]>..[->++<]>+.[—>+<]>+.+++++++++++.-[->+++<]>-.+[—>+<]>+++.——.+[—->+<]>+++.-[—>++<]>–.+++++++.++++++.–.++++[->+++<]>.[—>+<]>—-.+[—->+<]>+++.[–>+++<]>+.—–.————.—[->++++<]>.————.—.+++++++++.-[->+++++<]>-.++[–>+++<]>.——-.————.—[->++++<]>.————.—.+++++++++.-[->+++++<]>-.—–[->++<]>-.–[—>++<]>-. It seems my trauma comes true, … Read moreFinally Brainfuck, a THM writeup of BlobBlog

Learning SSRF with Portswigger Labs

Basic SSRF against the local Server https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost When accessing a product page an check stock link checks the stock through an API on some URL. We just need to change the url to localhost/admin where we can see user delete links and here we go with the request to delete that carlos: POST /product/stock HTTP/1.1 … Read moreLearning SSRF with Portswigger Labs

The Big and Dandy "How to get into Infosec" Resources Post 2020

On a daily basis and on all hacking oriented communities, people ask how to start or to get into Infosec. I decided to maintain a post where I collect my ressources regarding (beginner) learning ressources. I am learning towards an infosec position for a while now and I am now a junior pentester at a … Read moreThe Big and Dandy "How to get into Infosec" Resources Post 2020

FiSi Prüfungsvorbereitung

Ich habe mir vorgenommen, meine Prüfungsvorbereitung online zu sammeln, ich denke, ich behandele immer kleine Themen als Post. As usual, sind die Informationen Unvollständig und nur auf meine Bedürfnisse abgestimmt. Aber vll kann es einer gebrauchen. Trying to be IHK compliant. Ressourcen Projektmanagement https://www.inloox.de/unternehmen/blog/artikel/einfuehrung-ins-pm-10-was-ist-ein-netzplan/ Wirtschaft https://www.bpb.de/nachschlagen/lexika/lexikon-der-wirtschaft/20309/preisbildung https://www.unternehmerlexikon.de/preisbildung/

WriteUp: Phoenix Exploit.Education

Writeup for the Phoenix VM from http://exploit.education/phoenix/. stack-onepython -c ‘print 64*”A”‘ stack-twoexport ExploitEducation=$”cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\n\t\n\r” learned about endianess here. really missing some of the basic computer science stuff, but well coming to it… stack-threeuser@phoenix-amd64:/opt/phoenix/amd64$ objdump stack-three -x | grep level user@phoenix-amd64:/opt/phoenix/amd64$ python -c ‘print “c”*64+”\x9d\x06@”‘ | ./stack-three Welcome to phoenix/stack-three, brought to you by https://exploit.education calling function … Read moreWriteUp: Phoenix Exploit.Education

strace howto

strace -f -p PID returns syscalls of the process PID -eopen filters for open files -econnect filters for open sockets sendto(32, “@\4\0\0\20\0\1\0\0\0\0\0\0\0\0\0\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0″…, 1088, MSG_NOSIGNAL, NULL, 0 a sendto() syscall, the 32 ist a file descriptor, see /proc/PID/fd/ tbc.