This post is a write up of my method for solving the Location Analysis challenge during the 2022 Hacky Holidays: Unlock the City CTF. The challenge description reads: We noticed that the AI was breaking in to one of the systems in our research center. The system is used in…

Background on Lock Screen Bypass Exploits Android devices have had multiple CVE findings through the past few years which enable an individual to bypass the lock screen and obtain unauthorized access or escalation of privilege. For example, CVE-2015–3860 is a previously identified CVE that utilizes the emergency dialer and camera processes to stage a buffer overflow…

In the midst of conducting a research project on auditing passwords (which I hope to blog about later!), I had acquired numerous large password leaks. These leaks, however, sometimes were not just simple plain text passwords. They could contain hashes, hash type, count of hits in the source list, etc…

This post is part of a series on data extraction techniques on Linux Systems; though in this post I will provide a Windows example as well. If you like what you read here, be sure to stay tuned for additional articles! You can view the released articles here: Bash Tricks for Command Execution and Data Extraction over HTTP/S This post is part of a series on data extraction techniques on Linux Systems, if you like what you read here, be sure…medium.com

This post is part of a series on data extraction techniques on Linux Systems. If you like what you read here, be sure to stay tuned for additional articles! You can view the released articles here: Bash Tricks for Command Execution and Data Extraction over HTTP/S This post is part of a series on data extraction techniques on Linux Systems, if you like what you read here, be sure…medium.com Introduction

This post is part of a series on data extraction techniques on Linux Systems. If you like what you read here, be sure to stay tuned for additional articles! Introduction Recently, the Maveris Red Team found themselves on a Linux-derived system with limited access through a blind Remote Code Execution (RCE)…

How an intelligence-driven approach can accelerate cybersecurity operations A little over 5 years ago I was tasked with modernizing Cybersecurity Operations (CSO) for one of the largest federal agencies in the U.S. The Chief Information Security Officer (CISO) at the time asked that I look at innovative ways to get…

TL;DR: Given just a PCAP of an SMB3 session, the encrypted SMB3 could be decrypted by cracking the NetNTLMv2 hash and computing the Random Session Key While poking around on the Hacky Holiday’s Space Race CTF, I found a very interesting challenge, “Stolen Research”, revolving around recovering stolen data from…

Maveris leadership loves the Olympics and are always looking for an opportunity to provide for collaborative and team building activities, so the Maveris Olympics was born. As a part of the planning team for the internal Maveris Olympics, I offered to create an event. I have always loved CTFs and…