The test of a first-rate intelligence is the ability to hold two opposed ideas in the mind at the same time and still retain the ability to function. - F. Scott Fitzgerald

While I can’t speak to first-rate intelligence, I feel like this quote perfectly describes my role in information security. I do not hold a high-level position, but still, when it comes to influence in business, information security is a topic where even a lowly analyst is given unparalleled access and opportunity.

Because technology is central to most business functions, any threat to that technology directly impacts the bottom line. This threat cycle is all well known by now. At this point most organizations have methods to determine risk and to threat model certain business decisions. This is part of my job and the basis for this post.

WestWild Walkthrough

This is a walkthrough of the beginner-level CTF machine “WestWild” on Vulnhub. ****Spoiler Alert**** ****Spoiler Alert**** So there is an obvious web page here after bootup, but it’s a red herring and we’ll rely on our trusty nmap scan: Ok, let’s see if nikto turns up anything for HTTP: Doesn’t look like anything special to me. Let’s take a look at Samba and see if enum4linux turns up anything interesting:

Matrix Walkthrough

This is a walkthrough of the Intermediate machine “Matrix” on Vulnhub. Let’s take the red pill and see where this story goes…. ****Spoiler Alert**** ****Spoiler Alert**** So one of the scripts I run includes what I label as a “shotgun” option, and is essentially nmap -A. Running it here gives the following output: This shows a typical OpenSSH server with non-typical Python SimpleHTTPServer modules running under ports 80 and 31337. Let’s look at these one at a time.

SolidState Walkthrough

This is a walkthrough of the CTF machine “SolidState” (originally on HackTheBox), now on Vulnhub. There are many writeups like it, and this one is mine. ****Spoiler Alert**** ****Spoiler Alert**** This was a great classic CTF, with some twists and multiple ways to gain a low privilege shell. Let’s grab our nmap scan and see what our options are: Ok, so when I see any service that looks like something other than generic (like sendmail or postfix), or big-name (like MS), I tend to think that it’s a great place to look for public exploits.

Stapler Walkthrough

This is a walkthrough of the CTF machine “Stapler” on Vulnhub. This is a great machine for practicing enumeration :) ****Spoiler Alert**** ****Spoiler Alert**** Let’s jump all in with an extended TCP Nmap scan (nmap -A recommended, but too much info to list here): Wow, ports a-plenty! For these CTF machines this result is always bittersweet since that’s just that many more possible dead ends. For brevity, I’ll list some of the avenues I followed here:

Brainpan Walkthrough

I’ve had Brainpan downloaded for a while and for some reason I haven’t run it, so having a couple of hours last night I decided to see what it was all about. Unbeknownst to me, it was exactly what I was needing… ****Spoiler Alert**** ****Spoiler Alert**** I had been wanting to practice buffer overflows for my upcoming OSCP test, and have been working on getting a Windows machine set up just for this, running vulnserver or something similar.

GeminiV2 Walkthrough

This is a walkthrough of the CTF machine “Gemini2” on Vulnhub. A tough VM, with lots of learning potential! ****Spoiler Alert**** ****Spoiler Alert**** I seem to always be doing these CTFs in reverse order. I’ll be going back to do GeminiV1 after this, but for me this was very challenging and fun. I learned from both a web application and privilege escalation perspective as this one seemed to be very real-world based.

The NullCereal Blog

Jake’s Nerdy News and Security Topics

System/Network/Security

Jax Beach