Blog
Actively writing about technology, life-events and indie hacking. Here are some of my most recent thoughts and hacks I've published.
- 17 Jul 2023
Hack The Box - Socket
Socket is a Medium Difficulty Linux machine that requires reversing a Linux/Windows desktop application. This reveals an endpoint that is vulnerable to `SQL` injection via a websocket. Dumping the database leaks hashes that, once cracked, yield `SSH` access to the box. Finally, a `PyInstaller` script can be executed with elevated privileges that grant root access to the machine.
- hack-the-box
- writeup
- nmap
- sqlmap
- websocket
- sqlmap-proxy
- proxy
- python
- wscat
- 10 Jul 2023
Hack The Box - Inject
Inject is an easy-level Linux challenge on Hack The Box. It exposes a website that is vulnerable to LFI, which can be used to expose the Java source code and dependency file. Using Snyk shows a vulnerable dependency that allows remote code execution. The root step is about abusing a cron that's running the Ansible automation framework.
- hack-the-box
- writeup
- nmap
- lfi
- snyk
- tomcat
- java
- maven
- ansible
- 13 Jun 2023
Hack The Box - Soccer
This is a write-up of Soccer, a CTF challenge on the Hack The Box platform. It's an easy-level Linux machine where good enumeration is key. A misconfigured file manager grants access to the box. This reveals a hidden site with a SQL vulnerability that allows pivoting to a more privileged user. With doas configured for this user, I then craft an exploit to get access to root.
- hack-the-box
- writeup
- nmap
- tiny-file-manager
- webshel
- php
- websocket
- sqlmap
- doas
- stat
- 25 Apr 2023
Proxying the AWS CLI through Burp Suite.
In this post, I walk you through how to configure the AWS CLI to proxy all its requests through Burp Suite. It's an exciting way to learn how the CLI works internally or could be helpful when debugging a weird edge case.
- aws
- cli
- burpsuite
- proxy
- internals
- 15 Jul 2022
Where's dig
Nowadays, it is relatively common to find a stripped-down Docker container. While great to save precious bytes on hard drives, this might complicate things when you quickly need to debug something. This post explains how you can quickly install dig or nslookup within your container on different distros.
- linux
- dig
- 08 Jan 2022
Add styling to an active link in Next.js
In this post, I show how you can use the router API to detect the active link in Next.js.
- nextjs
- react
- javascript
- 07 Oct 2021
Hack The Box - Cap
In this post, I'll go over Cap from Hack The Box, an easy-level Linux machine where the name is a nice hint. An IDOR gives access to a PCAP with unencrypted traffic, and misconfigured capabilities allow getting a shell as root.
- hack-the-box
- writeup
- cap
- idor
- pcap
- capabilities
- 24 Sept 2021
Experimenting with the OMIGOD vulnerabilities!
Being able to experiment with vulnerabilities is crucial to gain a deeper understanding of them. In this post, we'll look at creating an environment with a vulnerable version of the OMI agent.
- linux
- azure
- omigod
- 30 Aug 2021
Hack The Box - Knife
In this post, I'll go over Knife from Hack The Box. It's an easy-level Linux machine that shows what damage a supply chain attack on the PHP codebase could have caused if it had slipped through the cracks and been released into the wild.
- hack-the-box
- writeup
- knife
- php
- backdoor
- chef