Booj thoughts on security

Stack Buffer Overflows: Linux - Chapter 1

Introduction: Buffer overflows are probably my favourite part of the security field. They can range from simple to incomprehensible, offer a wide variety of exploitation techniques and are just kinda fun. Also they sound way more difficult than they are! Whilst modern OSes have started to introduce memory protections, there are always ways arou...

HackTheBox - Bastard

This post describes multiple attacks upon the Bastard box on hackthebox.eu. I’ve found myself updating and transferring my old blog in some of the dead hours of today and Piers Morgan somehow made it on the Netflix special I was watching with the family. Couldn’t resist a dig! Introduction: Bastard is very much a box about understanding your e...

HackTheBox - Optimum

This post describes multiple attacks upon the Optimum box on hackthebox.eu. Introduction: This is a particularly interesting box. Getting a shell is easy, perhaps one of the easiest on the site, but escalating evades a number of people, despite, in theory, also being very easy. Originally, I cracked this box in a non-intended manner, so there ...

HackTheBox - Joker

This is a re-upload of my writeup at the HackTheBox Forums, with some minor corrections. Enumeration: Starting off as always, we run an nmap scan. PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.3p1 Ubuntu 1ubuntu0.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 88:24:e3:57:10:9f:1b:17:3d:7a:f3:26:3d:b6:33:4e (RSA)...

Privilege Escalation via lxd

LXD is Ubuntu’s container manager utilising Linux containers. It could be considered to act in the same sphere as Docker. The lxd group should be considered harmful in the same way the docker group is. Under no circumstances should a user in a local container be given access to the lxd group. This is because it’s entirely trivial to exploit....