capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 16 – Ransomware Madness #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our sixteenth challenge, we’re presented with a scenario where the Grinch is using the Best Festival Company to release his new ransomware. Oh no!

The topic explored in this challenge is Open Source Intelligence or OSINT for short. As you can imagine it uses open or free and public information to gather knowledge about a target. This is helpful for penetration tests and red team engagements as we want to get as much information as we can about our target. Such information can be search engines such as Google, social media such as Twitter, Facebook, Instagram and LinkedIn. Along with repositories such as GitHub. Anything that is public is fair game and will NOT get us in trouble.

Can McSkidy use her OSINT skills to help Santa save Christmas? See below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 15 – The Grinch’s Day Off #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our fifteenth challenge, we’re presented with a scenario where the grinch is taking a day off. Whew!

This challenge is a bit different. We’re presented with a quiz to determine what security career would be best for us. The choices are Security Analyst, Security Engineer, Incident Responder, Red Team, and Penetration Tester. Each career is explained at the end of the quiz.

See the below video to view my results!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 9 – Where Is All This Data Going #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our ninth challenge, we’re presented with a scenario where McSkidy notices there’s a large amount of traffic entering one system of the network. We need to use our traffic analysis skills to determine what the Grinch is up to destroy Christmas.

For this challenge we’re going to use a program called Wireshark. Wireshark allows us to review live network traffic to get usernames, passwords, etc. You might be thinking – well why can’t we just use the interception proxy that we used before in a previous challenge? Well interception proxies only work for web pages. Wireshark can work for other services that are not web pages such as a File Transfer Protocol (FTP) server where we can upload files to a server. A Domain Name Server (DNS) where we can substitute an IP address to a hostname. This will be especially useful during the challenge.

Can we use the information we learned about Wireshark to figure out how the Grinch is trying to destroy Christmas?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 10 – Offense Is The Best Defence #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our tenth challenge, we’re presented with a scenario where McSkidy needs to perform a security assessment as Grinch Enterprises has caused damaged to the Best Festival Company’s infrastructure. The security assessment is to determine how the grinch was able to do the damage and what services the grinch exploited to gain access to the system.

Topics explored in this challenge are IP addresses which are logical representation of an address. An IP address is represented as four decimal numbers between the 0-255. Ex: 192.168.0.255. Every computer or host has an IP address. The next topics are protocols and servers. A protocol is an agreed upon method to communicate between two parties. In our instance, it’s an agreed upon method to communicate between a client (in most cases our computer) and a server. The next topic is a port. Now we can have multiple services running on the same server how can we determine the service? This is where the port comes in. You can think of the port as a street address. There are multiple homes on a street but there’s one home that matches a particular street address. The final topic is a program called Network mapper or Nmap. Nmap allows is to look at a network and determine what is open. This is helpful because we can determine if our network is too accessible or if we have it locked down just right. This is going to be helpful in McSkidy security assessment.

Can we use the information we learned about Nmap, IP addresses, ports, and servers to determine how the grinch gained access to the system?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 11 – Where Are The Reindeers? #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our eleventh challenge, we’re presented with a scenario where McDatabaseAdmin has been locked out of the Microsoft MySQL Server (MS MQL Server) as the grinch has changed the password. Oh no!!! We need to probe to get McDatabaseAdmin’s access back. Time is of the essence as this server handles Santa’s transportation for Christmas!

Let’s delve a bit deeper into MS SQL Server. It’s a Relational Database Management System (RDMS). The database is comprised of tables. Each table has a column which represents a record of a relationship (group) of data. Also, in a table are columns. A column in a table represents how to describe the data. For instance, if we had a customer’s table sample columns would be – First Name, Last Name, Address, City, State, Zip. All the attributes to describe where a person lives.

Can we use the information we learned about MS SQL Server to find the password and keep Santa’s travel on track for Christmas?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 12 – Sharing Without Caring #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our twelfth challenge, we’re presented with a scenario where there’s one server that has unusual traffic. We suspect Grinch Enterprises has been leaving traces of their exploits on our server. We must investigate this server to see what data we can extract.

The topic explored in this challenge was Network File System (NFS). NFS is a protocol that allows us to transfer files from one computer to another. It’s available on Windows and Linux. Which makes it easy to us NFS to share files between the different operating systems.

Can we use the information we learned about NFS to find the data we’re looking for?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking, owasp

@RealTryHackMe #AdventOfCyber Series: Challenge 5 – Pesky Elf Forum

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our fifth challenge, we’re presented with a scenario where the elves express their joy in a forum. Unfortunately for the elves, the Grinch has created an admin an account on the forum and has installed a bad plugin that changes Christmas to Buttmas *GASP*. We can’t have that for the kids and Santa!

The topic explored in this challenge was Cross-Site Scripting (XSS). We learned there are four flavors – Document Object Model (DOM), Reflected, Stored, and Blind, and why XSS is important. XSS in a nutshell is an injection attack where the input is not being validated or sanitized. Meaning the application allows ANY input from the user. This can be *hint, hint* HTML, JavaScript, etc. Of all the different flavors of XSS the most dangerous/catastrophic is Stored XSS. As the name implies it stores the payload into for instance a database. Meaning anyone that visit the website or invokes the particular database will be susceptible to that attack. We will use Stored XSS in this challenge.

Can we use the information we learned about XSS to remove the bad plugin in the forum?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking, owasp

@RealTryHackMe #AdventOfCyber Series: Challenge 4 – Santa’s Running Behind

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our fourth challenge, we’re presented with a scenario where Santa is running behind! We also learned that Santa has been naughty and did not adhere/follow the password requirements. Christmas is in jeopardy, and we need to help Santa get back on track. In this challenge the topics explored are authentication which is used to verify who we are to a system. The most common way to do this is with a username and password, but another technique is to use biometrics which is something that is unique to a person such as their fingerprint and/or retina (eye) scan.

The next topic discussed is fuzzing which is the automated process of finding information. In our case, we’re going to use fuzzing to find Santa’s password to get into the system and view his calendar. With fuzzing, there’s a tool that’s going to be used an interception proxy which intercepts requests before they are sent to the server. Remember the HTTP protocol (which we’re using) relies on requests and responses to communicate.

Can we use the topics above to make sure Santa stays on schedule and deliver the presents on time?

Well… click the below video to find out!

P.S. We also need to have a serious talk with Santa on following the password requirements in the future, so this doesn’t happen again!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking, owasp

@RealTryHackMe #AdventOfCyber Series: Challenge 3 – Christmas Blackout

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our third challenge, we’re presented with a scenario where there’s a Christmas blackout due to the email system and McSysAdmin losing access to their admin panel thanks to the Grinch nefarious activities! In this challenge we learn about content discovery. Content discovery is the process of looking for un-listed or un-related content online. This content is useful as it can be passwords, configuration files, etc. which can help us log into a website. Finally, we learn about default credentials and how it can help us gain access to a website.

Can we use the topics above to repair the email system and McSysAdmin to save Christmas?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, hacking, owasp

@RealTryHackMe #AdventOfCyber Series: Challenge 2 – Elf HR Problems #websecurity #infosec

Another day, another challenge…

In this post, we’re starting a new series the Advent of Cyber series that is hosted by TryHackMe. This is the third year of the Advent of Cyber where a challenge is released everyday leading to Christmas. In total there will be 25 challenges. In these challenges, we’re McSkidy an elf trying to save Christmas.

In our second challenge, we’re presented with a scenario where there are HR problems due to the Grinch and his nefarious activities! In this challenge we learn about HTTP(S) – HyperText Transport Protocol (Secure) which uses a client-server model by sending requests and responses. The challenge also delves into cookies which can be used to store information about a user. We can use cookies to do authentication bypass which means we can log in as another user without their password.

Can we use the topics above to repair the HR system and continue to save Christmas?

Well… click the below video to find out!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007