Monday, November 11, 2019

HackTheBox Walkthrough - JARVIS

Overview

Welcome to another HackTheBox walkthrough on this blog! "Jarvis" was recently retired, and this was definitely one of my favorite Linux boxes so far on HTB.

Let's get started!

Saturday, September 14, 2019

HackTheBox Walkthrough - LUKE

Overview

Welcome to the second HackTheBox walkthrough on this blog! "Luke" has been recently retired, so I'll go ahead and share how I went about owning the machine. This machine had somewhat of a CTF feeling and was a fun learning experience nevertheless.


Let's get started!

Sunday, September 8, 2019

HackTheBox Walkthrough - BASTION

Overview

HackTheBox is a great online platform for practicing penetration testing - users submit vulnerable machines and challenges and invite users (both free and premium subscriptions) to poke at them. It's a great way to learn - the only downside I've come across so far as a free user is that you're hitting the machine at the same time as other users. Occasionally machines get overwhelmed, or someone breaks something or changes some files, or someone leaves too many breadcrumbs behind and spoils things for others. You can always reset a machine back to its initial starting state, but that can get annoying if you have to redo exploit after exploit (at least it's good practice!).

Aside from the slight inconveniences from sharing, it's a great platform and place to learn - I highly recommend it for anyone who's looking for penetration testing resources. Note - you may have to "hack" your way into the website to get your invite code ;)

As a general rule, users can't submit their solutions and walkthroughs for machines and challenges until after they're retired. Luckily, Bastion was retired just recently, and I'm excited to post my first HackTheBox walkthrough on my blog.  Bastion is the first Windows machine I attempted on HackTheBox, and it was certainly a fun learning experience.



Saturday, August 17, 2019

SANS HOLIDAY HACK 2018 Walkthrough (Part 4; Questions 10-14)

Overview

Welcome to Part IV of the SANS Holiday Hack 2018 Walkthrough! This post will be devoted to analyzing the wannacookie.ps1 PowerShell ransomware that we obtained at the end of Question 9, as well as finishing the last few questions for the challenge. By analyzing the ransomware and its functionality, we'll have all the background information we need to finish the rest of the holiday hack challenge (and it's fun to look at PowerShell malware!).

If you would like to see the first three parts, you can find them here:

  1. Part I
  2. Part II
  3. Part III

Let's get started!

Wannacookie PowerShell Ransomware

I've uploaded the full PowerShell code with comments to GitHub, but I'll explain each function below, so we can see exactly what's going on and how everything is tied together.

Sunday, August 11, 2019

SANS HOLIDAY HACK 2018 Walkthrough (Part 3; Questions 7-9)

Overview

Welcome to Part III of the SANS Holiday Hack 2018 Walkthrough! In this post, I'll go through questions 7 through 9 and their associated terminal challenges. If you would like to see the first two parts, you can find Part I here and Part II here.

Let's get started!

QUESTION 7
"Santa uses an Elf Resources website to look for talented information security professionals. Gain access to the website and fetch the document `C:\candidate_evaluation.docx`. Which terrorist organization is secretly supported by the job applicant whose name begins with "K"? For hints on achieving this objective, please visit Sparkle Redberry and help her with the Dev Ops Fail Cranberry Pi terminal challenge."

Link to website to gain access to: https://careers.kringlecastle.com/

Optional - talk to Sparkle Redberry and complete her terminal challenge. Sparkle is on the left area of the second floor, by Toy Soldier 3 and SugarPlum Mary.

Talk to Sparkle to find out about her challenge:
Hi, I'm Sparkle Redberry!
Ugh, can you believe that Elf Resources is poking around? Something about sensitive info in my git repo.
I mean, I may have uploaded something sensitive earlier, but it's no big deal. I overwrote it!
Care to check my Cranberry Pi terminal and prove me right?
Click on the terminal to start Sparkle's challenge.

The goal is to find Sparkle's password. Run ls to find a directory called kcconfmgmt and the runtoanswer program to submit our final answer.

cd into kcconfmgmt. The .git directory here tells us that this is the git repository we want to dig around in.  Run "git log" and start browsing through the commit history.

Interesting commit history.

Friday, August 2, 2019

SANS HOLIDAY HACK 2018 Walkthrough (Part 2; Questions 4-6)

Overview

Welcome to Part II of the SANS Holiday Hack 2018 Walkthrough! In this post, I'll go through questions 4 through 6 and their associated terminal challenges. If you missed Part I or would like to refer back to it for anything, you can find it here.

Let's get started!

Question 4
"Retrieve the encrypted ZIP file from the North Pole Git repository. What is the password to open this file? For hints on achieving this objective, please visit Wunorse Openslae and help him with Stall Mucking Report Cranberry Pi terminal challenge."
The Git repository can be found here.

Optional - talk to Wunorse Openslae and complete his terminal challenge. Wunorse is located on the ground floor of the castle, in the right hallway past Bushy Evergreen.
Hi, I'm Wunorse Openslae
What was that password?
Golly, passwords may be the end of all of us. Good guys can't remember them, and bad guys can guess them!
I've got to upload my chore report to my manager's inbox, but I can't remember my password.
Still, with all the automated tasks we use, I'll bet there's a way to find it in memory...
Click on the terminal to start the challenge!

Terminal challenge prompt

Friday, July 26, 2019

SANS HOLIDAY HACK 2018 Walkthrough (Part 1; Questions 1-3)

Overview

The main page for the event is at https://holidayhackchallenge.com/2018/index.html
The questions and objectives for 2018 can be found at https://holidayhackchallenge.com/2018/story.html
To create an account for the event, check out https://kringlecon.com/invite

Thanks to SANS, you can still work on this challenge even after the event has ended! You won't get any prizes for completing it late of course, but we still get to learn and test our skills. The same applies for previous SANS challenges, as well, and I highly encourage everyone to try those out!

Getting Started
Read through the main page and story page to get a feel for the 2018 event.  When we're ready, we can make an event account over at https://kringlecon.com/invite

Once you're in the virtual world of KringleCon, follow the path north to talk to Santa before entering the castle.

Head into the castle, and let's start tackling these questions!