Booj thoughts on security

SLAE Exercise 1 - Bind Shell

Introduction This blog post has been created for completing the requirements of the SecurityTube Linux Assembly Expert Certification exam. Student ID: SLAE - 1193 The format of the first exam was to write shellcode with the following requirements: Create a Shell_Bind_TCP shellcode Binds to a port Execs Shell on incoming co... Read more

HackTheBox - Nightmare

This machine was a worthy successor to Calamity. Whilst it didn’t test you to the same level with exploit development, it does require the tester to read what their exploits are doing, modify them for custom environments and understand the process at all steps. This is an invaluable skill that I’m glad the harder boxes test, as downloading an ... Read more

Pinky's Palace v3 Writeup

A rather different one from the usual, as in this writeup I’ll be tackling Pinky’s Palace v3 by @Pink_Panther. This is probably at around the Intermediate/Hard level, and it teaches some very important things about the way in which you approach your enumeration methodology (one which caught me out for a couple of days and required a nudge to mo... Read more

HackTheBox - Ariekei

Unbelievable! Some idiot disabled his firewall, meaning all the computers on floor Seven are teeming with viruses, plus I’ve just had to walk all the way down the motherfudging stairs, because the lifts are broken again! Here we’re going to dig deep into Ariekei, the winding maze of containers, WAF’s and web servers from HackTheBox. Enu... Read more

HackTheBox - Minion Error Code Exfiltration

This is a writeup of an alternative technique for Minion, which involves exfiltrating data via error codes. All credits for this technique go to @m0noc who actually made this work and used it to pwn Minion. The Situation In Minion we had command execution which returned the exit code of the command called. 0 for success and 1 for failure. In re... Read more