My Journey to OSCP
Just received the email this morning that I passed the Penetration Testing with Kali Linux exam and obtained my Offensive Security Certified Professional (OSCP) certification. Hooray!
Captive Portal Workaround
On many trips and holidays I find public Wi-Fi hotspots, e.g. in hotels or bars, which use a “captive portal” where you have to authenticate before you are allowed to access the internet.
Going undercover with Kali
With the new Kali 2019.4 release, Kali comes with an ‘undercover’ mode which makes the Kali desktop look like Windows 10.
Logging terminal session - continued
As mentioned in my previous article about logging the terminal session, it would be very nice to have the date and time echoed regularly, to be able to find your way in the log file.
Netcat as a service
Many times I’ve used Netcat to set up a (reverse) shell from a compromised machine. Digging into services lately, I thought: why not use a service to make Netcat persistent, to be able to return to the machine?
Logging terminal session
As a penetration tester you really must log all steps you take to make a complete and detailed report for the client. Of course you can’t help that once in a while you miss one step. From my training I got a valuable tip to use the script command for logging complete terminal sessions.
PWK Live Course
On my road to OSCP I just finished one awesome week of OSCP Training. The live Penetration Testing with Kali Linux (PWK) training by Offensive Security trainers.
Installing Hardware Backdoors In The Supply Chain
Bloomberg released a very detailed report on how Amazon discovered a hardware backdoor the size of a single grain of rice in servers manufactured by Elemental Technologies.
The game of DDOS attacks: Game over
The Netherlands was plagued by numerous DDOS attacks lately. The tax authorities, Bunq bank and many other banks and government agencies. The attacker was careless and left some traces and was even arrogant enough to seek contact with the sysadmin of Tweakers.net, one of the targeted sites.
WordPress Plugins
Recently I was asked to give feedback on a new website. It uses WordPress, but why? Why not? So I researched a bit and was able to give a well-founded answer about the risk of having plug-ins installed.
The most used OS by far
Every modern Intel CPU has Intel’s Management Engine (ME) built in. You actually get another OS completely free with your CPU: MINIX.
Explore Universal Plug and Play
To me Universal Plug and Play (UPnP) always was a mysterious protocol. When some cool program required an open port, UPnP made it happen. When some fancy program did not work, someone would ask me: “Did you enable UPnP?” Right, I forgot… I had no clue what magic UPnP did for me.
Editing with sed
At times I find myself in situations in which I cannot rely on my favorite command-line text editor VIM. But of course editing files is a must. Writing my own non-interactive line editor actually did cross my mind, but hold on… What about my old time friend sed?!
Equifax hack
Equifax is a consumer credit reporting agency and last week it got hacked. Now the information of 143 million US citizens, about 45% of the population, has been compromised by hackers. The hackers got access to names, birth dates, addresses but also social security numbers and in some cases driver's license numbers.
Lock picking in practice
Many years ago, I studied the art of picking locks. Not to do anything illegal, but just to learn about locks and how they work. Most importantly, open locks in a non-destructive way the manufacturer certainly did not intend to open. I bought a lock picking set and a practice lock. Over the years I collected some other locks, formerly used in real life. I finally got a chance to show off my skills.
Using netcat without -e
Recently in my OSCP course, I was struggling for a few hours to get a reverse shell connection. It was a FreeBSD box, not quite my expertise. Finally I came up with a simple solution using tail -f.