Welcome to my blog, I will post things about cybersecurity, development and Linux. For more info check my about page and my socials:
π TL;DR - Git [draft]
You want to know how to use Git as a chad developper?
πͺ Build your own mechanical keyboard [draft]
A simple and quick summary on how to build a mechnical keyboard on your own from scratch.
You want to start to `pwn`? [draft]
So you want to start to pwn, donβt you? Well, I did too! Those are my notes on the past year of binary exploitation.
How to install Archlinux
I recently installed once again Archlinux on a laptop. Let me explain how to do so.
π¦ HTB - Schooled
Cool box, not too CTF-like and real-life applicable, my first FreeBSD π But root part was too quick. TL;DR XSS to steal Moodle creds of teacher, privesc as manager and then RCE. Get MySQL in config file, dump users and get password hash. Break the hash with john to ssh as user. Common pkg install exploit for root. Footholds # Nmap 7.91 scan initiated Mon Aug 2 22:40:05 2021 as: nmap -A -p- -T4 -o nmap....
π¦ HTB - Cap
Simple easy box, perfect to warmup before the FIC 2021 and get more confidence in 1337 h4ck1n9 TL;DR Find PCAP file on server, get SSH credentials, execute code as root with Python. Footholds I did not even use nmap here, as we had a web server serving on port tcp:80. This website looked like this: It seems to be a security dashboard for a server, we donβt have any info about that....
π TL;DR - pacman
The famous packet manager for Archlinux
π TL;DR - nmap
Maybe the most used tool when it comes to network discovery and port knocking.