Khris Tolbert · Jul 29
2022 Hacky Holidays: UnlockTheCity CTF — History Repeats, Stop The Heist, Cloud Escalator Part 1
Recently, I participated in the Hackazon Hacky Holidays: UnlockTheCity CTF (say that three times fast). UnlockTheCity was a somewhat different experience than I was used to as the CTF released challenges in 4 separate phases, limited teams to no more than 4 participants, and ran for almost 3 weeks (from…
Ctf Writeup · 18 min read

Allen Butler · Jul 28
2022 Hacky Holidays: Unlock the City CTF — Location Analysis
This post is a write up of my method for solving the Location Analysis challenge during the 2022 Hacky Holidays: Unlock the City CTF. The challenge description reads: We noticed that the AI was breaking in to one of the systems in our research center. The system is used in…
Ctf · 5 min read

Joshua Nearchos · Jun 23
Lock Screen Bypass Exploit of Android Devices (CVE-2022-20006)
Background on Lock Screen Bypass Exploits: Android devices have had multiple CVE findings through the past few years which enable an individual to bypass the lock screen and obtain unauthorized access or escalation of privilege. For example, CVE-2015-3860 is a previously identified CVE that utilizes the emergency dialer and camera processes to stage a buffer overflow…
Android · 5 min read

Khris Tolbert · Apr 19
How I [almost] blew up my computer: my story of trimming LARGE password lists / txt files
In the midst of conducting a research project on auditing passwords (which I hope to blog about later!), I had acquired numerous large password leaks. These leaks, however, sometimes were not just simple plain text passwords. They could contain hashes, hash type, count of hits in the source list, etc…
Password Cracking · 13 min read

Allen Butler · Mar 29
Data Exfiltration using RedDrop
This post is part of a series on data extraction techniques on Linux Systems; though in this post I will provide a Windows example as well. If you like what you read here, be sure to stay tuned for additional articles! You can view the released articles here: Bash Tricks for Command Execution and Data Extraction over HTTP/S
Red Team · 8 min read

Allen Butler · Mar 2
Bash Tricks for File Exfiltration over HTTP/S using Flask
This post is part of a series on data extraction techniques on Linux Systems. If you like what you read here, be sure to stay tuned for additional articles! You can view the released articles here: Bash Tricks for Command Execution and Data Extraction over HTTP/S
Penetration Testing · 7 min read

Allen Butler · Feb 23
Bash Tricks for Command Execution and Data Extraction over HTTP/S
This post is part of a series on data extraction techniques on Linux Systems. If you like what you read here, be sure to stay tuned for additional articles! Introduction: Recently, the Maveris Red Team found themselves on a Linux-derived system with limited access through a blind Remote Code Execution (RCE)…
Penetration Testing · 8 min read

Kevin Robins · Feb 8
Gaining Ground
How an intelligence-driven approach can accelerate cybersecurity operations
A little over 5 years ago I was tasked with modernizing Cybersecurity Operations (CSO) for one of the largest federal agencies in the U.S. The Chief Information Security Officer (CISO) at the time asked that I look at innovative ways to get…
Cybersecurity · 5 min read

Khris Tolbert · Jul 28, 2021
Decrypting SMB3 Traffic with just a PCAP? Absolutely (maybe.)
TL;DR: Given just a PCAP of an SMB3 session, the encrypted SMB3 could be decrypted by cracking the NetNTLMv2 hash and computing the Random Session Key. While poking around on the Hacky Holiday’s Space Race CTF, I found a very interesting challenge, “Stolen Research”, revolving around recovering stolen data from…
Cybersecurity · 7 min read

Matt “Rudy” Benton · Jul 22, 2021
Digital Marathon (An Olympics themed OSINT CTF)
Maveris leadership loves the Olympics and is always looking for an opportunity to provide for collaborative and team building activities, so the Maveris Olympics was born. As a part of the planning team for the internal Maveris Olympics, I offered to create an event. I have always loved CTFs and…
Osint · 2 min read