Security 404 - Balancing Compromise

July 2, 2020 in Blog

The test of a first-rate intelligence is the ability to hold two opposed ideas in the mind at the same time and still retain the ability to function. - F. Scott Fitzgerald

While I can’t speak to first-rate intelligence I feel like this quote perfectly describes my role in information security. I do not hold a high-level position, but still, when it comes to influence in business, information security is a topic where even a lowly analyst is given unparalleled access and opportunity.

Because technology is centric to most business functions, any threat to that technology direct impacts the bottom line. This threat cycle is all well known by now. At this point most organizations have methods to determine risk, and threat model certain business decisions. This is part of my job and the basis for this post.

WestWild Walkthrough

September 6, 2019 in CTF

This is a walkthrough of the beginner-level CTF machine “WestWild” on Vulnhub. ****Spoiler Alert**** ****Spoiler Alert**** So there is an obvious web page here after bootup, but it’s a red herring and we’ll rely on our trusty nmap scan: Ok, let’s see if nikto turns up anything for HTTP: Doesn’t look like anything special to me. Let’s take a look at Samba and see if enum4linux turns up anything interesting:

Matrix Walkthrough

November 16, 2018 in CTF

This is a walkthrough of the Intermediate machine “Matrix” on Vulnhub. Let’s take the red pill and see where this story goes…. ****Spoiler Alert**** ****Spoiler Alert**** So one of the scripts I run includes what I label as a “shotgun” option, and is essentially nmap -A. Running it here gives the following output: This shows a typical OpenSSH server with non-typical Python SimpleHTTPServer modules running under ports 80 and 31337. Let’s look at these one at a time.

SolidState Walkthrough

November 14, 2018 in CTF

This is a walkthrough of the CTF machine “SolidState” (originally on HackTheBox), now on Vulnhub. There are many writeups like it, and this one is mine. ****Spoiler Alert**** ****Spoiler Alert**** This was a great classic CTF, with some twists and multiple ways to gain a low privilege shell. Let’s grab our nmap scan and see what our options are: Ok, so when I see any service that looks like something other than generic (like sendmail or postfix), or bigname (like MS), I tend to think that it’s a great place to look for public exploits.

Stapler Walkthrough

November 10, 2018 in CTF

This is a walkthrough of the CTF machine “Stapler” on Vulnhub. This is a great machine for practicing enumeration :) ****Spoiler Alert**** ****Spoiler Alert**** Let’s jump all in with an extended TCP Nmap scan (nmap -A recommended, but too much info to list here): Wow, ports a-plenty! For these CTF machines this result is always bittersweet since that’s just that much more possible dead ends. For brevity here, I’ll list some of the avenues I followed here:

Brainpan Walkthrough

September 24, 2018 in CTF

I’ve had Brainpan downloaded for awhile and for some reason I haven’t ran it, so having a couple of hours last night I decided to see what it was all about. Unbeknownst to me, it was exactly what I was needing… ****Spoiler Alert**** ****Spoiler Alert**** I had been wanting to practice buffer overflows for my upcoming OSCP test, and have been working on getting Windows machine setup just for this running vulnserver or something similar.

GeminiV2 Walkthrough