Don’t buy at Netsuck ahm Netcup
Because they suck and will sue you over a few euros in pandemic times after a ridiculous short time. Don’t buy there.
to_remember
Free Party: Die Staedtischen Kollektiv
I had the pleasure to enjoy the latest DIY, fusion style street party from the Collective “Die Städtischen”. I was so blasted to find a just started, awesomely lovely concert/party for free. Completely without any commercial background and that’s right where I stumbled out of the train to find something cool happening. Was obviously the … Read moreFree Party: Die Staedtischen Kollektiv
FOSS Music Production
I recently found an FOSS alternative to Ableton Live. How great is that, I even like the workflow better than Live’s. Instantly got productive doing some music with actually output. Didn’t really had that for a while. Such a bliss, so much love and props to the dev’s of LMMS! You’re doing awesome work, I … Read moreFOSS Music Production
Using kali in lxc container the easy way
I bought a refurbished thinkpad x260 and the bios locked with the seller can not supply the password. Since I need at least a seperated kali for pentesting and used virtual box until today, I would need virtualization enabled. Which wasn’t unfortunately. So I am exploring ways to use kali as a lxc container. A … Read moreUsing kali in lxc container the easy way
handling multiple script instances in BASH
With flock you can implement basic job control in bash. That’s very handy when you have a script that is running in multiple instances and doing file operations. I was writing a script to return some data from a switch stack to zabbix and as zabbix does run the script for every item it gets … Read morehandling multiple script instances in BASH
sed dislikes \d \w regex syntax
Reminder to not use \d, \w and such regex tokens when using regex with the linux streamline editor sed. Use [0-9] and [a-z] instead. Made me ask my first question on stackoverflow and getting downvoted for it 😛 https://regex101.com btw… when dealing with regular expressions, a handy tool. would be nice to have a sed … Read moresed dislikes \d \w regex syntax
Finally Brainfuck, a THM writeup of BlobBlog
Well it was anno 1998 when an older friend showed me the brainfuck programing language and what I took from this evening was, that such creepy codes are what’s needed for getting into hacking. That made me stay away from really digging into hacking until 20 years later. +[—>++<]>+.+++[->++++<]>.—.+++++++++.-[->+++++<]>-.++++[->++<]>+.-[->++++<]>.–[->++++<]>-.-[->+++<]>-.–[—>+<]>–.+[—->+<]>+++.[->+++<]>+.-[->+++<]>.-[—>++<]>+.–.—–.[->+++<]>.————.+[—–>+<]>.–[—>+<]>.-[—->+<]>++.++[->+++<]>.++++++++++++.———.—-.+++++++++.———-.–[—>+<]>—.+[—->+<]>+++.[->+++<]>+.+++++++++++++.———-.-[—>+<]>-.++++[->++<]>+.-[->++++<]>.–[->++++<]>-.——–.++++++.———.——–.-[—>+<]>-.[->+++<]>+.+++++++++++.+++++++++++.-[->+++<]>-.+[—>+<]>+++.——.+[—->+<]>+++.-[—>++<]>+.+++.+.————.++++++++.-[++>—<]>+.+++++[->+++<]>.-.-[->+++++<]>-.++[–>+++<]>.[—>++<]>–.+++++[->+++<]>.———.[—>+<]>–.+++++[->+++<]>.++++++.—.[–>+++++<]>+++.+[—–>+<]>+.———.++++.–.+.——.+++++++++++++.+++.+.+[—->+<]>+++.+[->+++<]>+.+++++++++++..+++.+.+[++>—<]>.++[—>++<]>..[->++<]>+.[—>+<]>+.+++++++++++.-[->+++<]>-.+[—>+<]>+++.——.+[—->+<]>+++.-[—>++<]>–.+++++++.++++++.–.++++[->+++<]>.[—>+<]>—-.+[—->+<]>+++.[–>+++<]>+.—–.————.—[->++++<]>.————.—.+++++++++.-[->+++++<]>-.++[–>+++<]>.——-.————.—[->++++<]>.————.—.+++++++++.-[->+++++<]>-.—–[->++<]>-.–[—>++<]>-. It seems my trauma comes true, … Read moreFinally Brainfuck, a THM writeup of BlobBlog
Writeup GamingServer TryHackMe
Running a simple Content discovery with burp, you will find a secret folder with a private ssh key and a corresponding wordlist to crack it. load it to john with 2john and you got its pass. allowing a ssh login with the key as the user, which you’d found in comments on the site. yes … Read moreWriteup GamingServer TryHackMe
Learning SSRF with Portswigger Labs
Basic SSRF against the local Server https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost When accessing a product page an check stock link checks the stock through an API on some URL. We just need to change the url to localhost/admin where we can see user delete links and here we go with the request to delete that carlos: POST /product/stock HTTP/1.1 … Read moreLearning SSRF with Portswigger Labs
The Big and Dandy "How to get into Infosec" Resources Post 2020
On a daily basis and on all hacking oriented communities, people ask how to start or to get into Infosec. I decided to maintain a post where I collect my ressources regarding (beginner) learning ressources. I am learning towards an infosec position for a while now and I am now a junior pentester at a … Read moreThe Big and Dandy "How to get into Infosec" Resources Post 2020
