Kioptrix 1 Write-up
Apr 14, 2014
This post contains the steps to get a root shell with Kioptrix level 1 VM
This VM can he found here. Have a look to find even more VMs
Host discovery First, we need to discover where the machine is on our network. To do so, let’s use Nmap:
nmap -sP 192.168.1.1/24 Fingerprinting After getting the IP address, we need to do some fingerprinting.
nmap -sV 192.168.1.2 Fig. Nmap scan result
...
➦
SecOS-1 First VM Out
Apr 14, 2014
Hey there,
Quick blog post for the first VM I created to experiment some of your pentesting skills.
The idea grew up when I developed some security tools (especially the one (CSRFT) I presented at BSides London few weeks ago) to create a legal environment where you could try it out.
I really liked creating this Boot2root VM. So, I’ll create few more that will rely on each other so keep the flags because you’ll need it for the next ones.
...
➦
Updating OpenFuck Exploit
Apr 14, 2014
This blog post will be quite fast and will provide you the steps to update the OpenFuck exploit.
This exploit is pretty old but you might need it if you have fun with some vulnerable VMs. Not giving any hint. :-)
Thanks to this blog, I’ve been able to update the exploit.
Here are the steps to make this work :
1) Add those headers : #include <openssl/rc4.h> #include <openssl/md5.h> 2) Update the URL of the C file.
...
➦
VulnOS Write-up
Apr 8, 2014
This contains the solution of the VM: VulnOS.
This is my first write-up for a VM and I’m doing it for VulnOS which is hosted on VulnHub (Great resource if you want to improve your pentesting skills).
In this ’tutorial’, I’m gonna give you the steps I reproduced to get a shell on the machine.
Discovery First, start by scanning the network to discover where’s the host.
nmap -sV 192.168.56.1/24 Starting Nmap 6.
...
➦
Python + Transmission daemon = Download easily your favorite TV Show
Mar 28, 2014
This post is about my last project : my TV Show Manager.
I decided to start it because I wanted something really simple to download my favorite TV Shows. In this post, I’ll explain step by step how to reproduce it at home.
Basically, with this tutorial you’ll set up your Raspberry box by :
Installing / set-uping transmission-daemon Getting one of my latest project TVShowManager that uses my EZTV Python API.
...
➦
XSS Callback
Mar 20, 2014
This post deals with a project I developed : XSS Callback.
This is not going to be (at least, I hope) a boring post about XSS exploitation. No.
Well, one scenario of using XSS would be to steal victim’s cookie and access the page through his session. This technique is called Session Hijacking. Ok fair enough.
However, some issues are present using this technique, let’s take an example :
You target a website Unfortunately, it’s too late (or too early depending on your situation) and you go to sleep.
...
➦
Dealing with HTML submits conflicts
Mar 9, 2014
This first post is related with one of my project : CSRFT. CSRFT is a Cross Site Request Forgery (CSRF) vulnerabilities Toolkit.
My toolkit allows you to exploit either GET and POST HTTP Requests. During some testings, I had issues with some specific forms.
Let’s take an example of such form :
<form action="http://website.com/blog/" id="form" method="get"> <label class="assistive-text" for="s">Search</label> <input class="field" id="s" name="s" placeholder="Search" type="text" value="Search Value"/> <input class="submit" id="searchsubmit" name="submit" type="submit" value="Search"/> </form> The code injected on the page to submit the form was like that :
...
➦
Starting my own blog
Mar 4, 2014
Starting my own blog has been something I really wanted to do. I’ll add post related to my different projects but also on Web security.
Here are my different motivations :
1. Provide a portfolio of my different projects. 2. Explain some problems I had and provide the solution 3. Talk about some geek stuffs. Let’s see :) Hope you’ll have fun to read me. Cheers and see you soon.