thatonethrunter·Aug 17A Tale of Adversity and Success at the 2023 Marine Corps Cyber Games“An in-person event? What’s that?” That was my first reaction when asked if I’d be interested in putting together a team for the 2023 Marine Corps Cyber Games in Charleston, SC. …Ctf8 min readCtf8 min read
Left4Zed·May 31I took Google’s Cybersecurity Certification and Here’s What I Learned.So I decided to take Google’s new Cybersecurity Certification Program. I wanted to see what the content was like and with the promise of learning basic SQL and Python by going through this program I was intrigued. …Cybersecurity Training10 min readCybersecurity Training10 min read
Khris Tolbert·Mar 24HTB: CA2023 — Forensics Interstellar C2The folks at HackTheBox put on another fun/great event! One of my favorite solves from this event was the Forensic Interstellar C2 challenge. I really enjoyed the realistic-ish hunt via PCAP of a suspected PowerShell dropper and it’s encrypted traffic. …Cyberscurity7 min readCyberscurity7 min read
Allen Butler·Mar 23DNS over SSH the Modern Way with DoHoSoSSHDNS over HTTPS, Socks, and SSH — Tunneling DNS through SSH using socat or nc with named pipes is a finicky approach to a not-so-common problem. In my experience it can be incredibly unreliable when you need it most and constantly leads to hung requests which require process restarts. No wonder though; wrapping a connectionless protocol in…DNS4 min readDNS4 min read
Khris Tolbert·Oct 31, 2022HTB: HackTheBoo 2022 Crypto_whole_lotta_candy writeupHad a chance to meddle with HTB:HackTheBoo while it was live from October 23rd through the 27th. Plenty of fun and unique challenges despite most of the puzzles being rated “easy”. One of the challenges I found very interesting was the crypto_whole_lotta_candy challenge. The challenge revolved around decrypting a given…Cybersecurity5 min readCybersecurity5 min read
Khris Tolbert·Sep 12, 2022F5 ASM Rule 200004181: Generic Server Side Code Injection BypassTL,DR; During a recent engagement, we discovered a signature bypass for the F5 ASM Rule 200004181: Generic Server Side Code Injection. As we had come upon a Tomcat Manager instance, we discovered this bypass while attempting to upload a WAR file to the manager. …Cybersecurity3 min readCybersecurity3 min read
Khris Tolbert·Jul 29, 20222022 Hacky Holidays: UnlockTheCity CTF— History Repeats, Stop The Heist, Cloud Escalator Part 1Recently, I participated in the Hackazon Hacky Holidays: UnlockTheCity CTF (say that three times fast). …Ctf Writeup18 min readCtf Writeup18 min read
Allen Butler·Jul 28, 20222022 Hacky Holidays: Unlock the City CTF — Location AnalysisThis post is a write up of my method for solving the Location Analysis challenge during the 2022 Hacky Holidays: Unlock the City CTF. The challenge description reads: We noticed that the AI was breaking in to one of the systems in our research center. The system is used in…Ctf5 min readCtf5 min read
Joshua Nearchos·Jun 23, 2022Lock Screen Bypass Exploit of Android Devices (CVE-2022–20006)Background on Lock Screen Bypass Exploits Android devices have had multiple CVE findings through the past few years which enable an individual to bypass the lock screen and obtain unauthorized access or escalation of privilege. For example, CVE-2015–3860 is a previously identified CVE that utilizes the emergency dialer and camera processes to stage a buffer overflow…Android5 min readAndroid5 min read
Khris Tolbert·Apr 19, 2022How I [almost] blew up my computer: my story of trimming LARGE password lists / txt filesIn the midst of conducting a research project on auditing passwords (which I hope to blog about later!), I had acquired numerous large password leaks. These leaks, however, sometimes were not just simple plain text passwords. They could contain hashes, hash type, count of hits in the source list, etc…Password Cracking13 min readPassword Cracking13 min read