Month: January 2020

  • Exploit 45233: OpenSSH 2.3 < 7.7 - Username Enumeration (CVE-2018-15473)

    Fix for: https://www.exploit-db.com/exploits/45233 Create file ssh-exploit-user-enum.py Run with Python 2 Requires paramiko (pip install paramiko) Exploit 45233 Fix the exploit first, see below. Fixing the exploit for Python3 Fix broken indentation before “pass” in “BadUsername” Replace every occurence of _handler_table by _client_handler_table Replace every occurence of print with print() 45233.py (fixed)

  • Hack the Box (HTB) – Postman

    Scanning Solution for user Matt Use redis exploit (see script exploit_redis.sh) to write my public key to authorized_keys Connect to redis user with my private key We find user Matt Find Matt’s password As redis user, connected with my private key Explore files. We will find a backup of Matt’s private key in /opt/id_rsa.bak Crack…

  • VM Network Settings

    Network Address Translation (NAT) TIP: To use the host’s VPN connection, use NAT setting (adapter: leave default). If Firefox gives errors about certificates, on the host (Windows), use certmgr.msc to export trusted certificate authorities and import them in Firefox on the guest machine. Bridged Networking Host or Internal Network Use this configuration with INSECURE VMs

  • Windows Lab

    Free Windows 10 VM Download virtual machine:https://developer.microsoft.com/en-us/windows/downloads/virtual-machines Username: User Password: <none>

  • Cisco ASA firewall: Cisco CLI “jail break” (CVE-2014-3390)

    Shell access without a reboot https://www.youtube.com/watch?v=KXqrovapQ5A&feature=youtu.be&t=1495

  • SANS Holiday Hack Challenge 2018

    SANS Holiday Hack Challenge 2018

    This is the walk-through solution for the Capture the Flag (CTF) challenge called “SANS Holiday Hack Challenge” from SANS (https://www.holidayhackchallenge.com/2018/). Note: Please keep in mind that there are often many ways to successfully complete such challenge. This is only one of them. Other tools can be used to obtain the same results. Questions Question 1…

  • Windows Linux Subsystem (WLS)

    https://docs.microsoft.com/en-us/windows/wsl/install-win10 Installation & Configuration

  • Oracle Linux / Oracle Exadata

    Cheat sheet and tricks for Oracle Linux and Oracle Exadata.

  • Bypass “Adobe CS6 not working” error on Mac OS X Catalina

    Open the Finder and go in the Applications folder Locate Adobe Photoshop CS6.app Right-click on it and choose Show Package Contents Open Contents/MacOS and double-click on Adobe Photoshop CS6 A warning will say that it will damage your computer, cancel it. Adobe Photoshop CS6 will open!