HTB Busqueda – Hint!
Seasonal machine at hack the box is a Linux instance with Apache 2.4.52. I’ve seen a lot of people struggling to find a functional and working reverse shell after they got the initial foothold. From an initial foothold it is…
Reverse hex string – Big endian to little endian
Working with a payload for a buffer overflow shellcode. For this particular task the payload needs to be reversed i.e “\x01\x02” should be “\x02\x01” etc. Didn’t find any online conversion tools so I wrote my one using C#. It could…
Approaches to detect and prevent network traffic from malicious networks
Research proposal AbstractConstantly, around the clock, reconnaissance is conducted for vulnerable systems and services around the world. This is done manually or automated by malicious actors and can be more or less systematic. To carry out these reconnaissance, tools are…
About CVE 2021 3560
Local privilege escalation using polkit Exploit CVE-2021-3560 is used for privilege escalation on linux systems. It’s related to polkit and D-bus requests. ”polkit is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to…
HTB Web challenge EasterBunny – Hints!
Some hints to the web challenge EasterBunny @ HTB: Look into if you can poison some header. Find the postman. Hope you find the correct Path..Good luck!
HTB Web challenge Neonify – Hints!
If you struggle with the web challenge Neonify at HTB, here comes some hints! Look in to the end of the line? Where is flag? May the encoding be with you..Good luck and let me know if any hint was…
.NET core web app using SSL – SEC_ERROR_INADEQUATE_KEY_USAGE
If there is problems start a local development server in .net core version 6 web app using SSL. You can disable SSL in the launch profile. When I started a new website today in the local dev I got the…
Big logfiles in VSLogs
If you have problems with the disk space suddenly being depleted. Could this be due to large auto-generated log files in VSLogs (../AppData/Local/Temp/VSLogs). This problem seems to have been around for a while and there is also an ongoing case…
UseStatusCodePagesWithReExecute .net 6
I got some problem when trying to use custom error pages in a .net 6 mvc web app. Using UseStatusCodePagesWithReExecute to redirect to an error controller on exceptions like 404 or 500 response status. But the error controller never got…
Changing password on a user using MMC
Warning message below is from changing a password on a user in Microsoft Management Console (MMC) Windows 10. The warning message was quite funny, it’s in Swedish but the warning is: ..”Only use this command if a user has forgotten…
SSL certificate import to IIS “Specified logon session does not exist”
Have been struggling a bit to import a SSL certificate generated by certbot (Let’s Encrypt) on an IIS server. Reproduction of error 1. Create SSL certificate with certbot using command:certbot -d domain.com -d www.domain.com –manual –preferred-challenges dns certonly 2. Certificates…
Change keyboard layout in Kali Linux
Default keyboard layout for Kali Linux is english. One command you can use for changing keyboard layout is:setxkbmap <lang-code> So for instance if you would like to change the layout to swedish the command is: setxkbmap se