Certifications, Learning Material, Reviews

Offensive Security Wireless Professional (OSWP) Review

Introduction

The Offensive Security Wireless Professional is an ethical hacking certification offered by Offensive Security that teaches wireless penetration testing techniques, specifically for WEP, WPA, and WPA2.

It comes with the Offensive Security Wireless Attacks video and PDF course, which aims to prepare students for the exam. In this article, I take the time to talk about my experience with this certification, the pros and cons of the course, thoughts after taking and passing the exam, etc.

May 29, 2021 | by Stefano Lanaro | Leave a comment

CTF Walkthroughs, Hack The Box

Hack The Box – Delivery Walkthrough

Introduction

This was an intermediate Linux machine that involved exploiting the ticket reply via email functionality of osTicket to access a MatterMost web application to find SSH credentials and using Hashcat rules to crack root hashes stored in the MySQL database to escalate privileges.

May 25, 2021 | by Stefano Lanaro | Leave a comment

CTF Walkthroughs, TryHackMe

TryHackMe – Relevant Walkthrough

Introduction

This was an easy Windows machine that involved exploiting the Microsoft Eternal Blue exploit to gain immediate system-level access or alternatively an open SMB share to gain initial access and token impersonation to escalate privileges to system.

May 24, 2021 | by Stefano Lanaro

CTF Walkthroughs, TryHackMe

TryHackMe – Overpass 3 – Hosting Walkthrough

Introduction

This was an intermediate Linux machine and the last in the Overpass TryHackMe series, it involved discovering a backup archive stored on the webserver, which contained encrypted user credentials that are then used to connect to the FTP server and uploading a PHP reverse shell to gain initial access. Root access was then obtained by exploiting an open NFS share with the no_root_squash option enabled.

May 23, 2021 | by Stefano Lanaro | Leave a comment

CTF Walkthroughs, TryHackMe

TryHackMe – Overpass 2 – Hacked Walkthrough

Introduction

This was an easy Linux machine and the second in the Overpass TryHackMe series. It involved analyzing a capture file containing requests issued by an attacker to compromise the web server, escalate privileges to root and establish persistence, in order to understand the exact steps followed to do so, and then using that information to hack back into the host.

May 21, 2021 | by Stefano Lanaro | Leave a comment

CTF Walkthroughs, Hack The Box

Hack The Box – Passage Walkthrough

Introduction

This was an intermediate Linux machine that involved exploiting a remote code execution vulnerability in the CuteNews web application to gain initial access, exposed user password hashes to gain a user shell, and a vulnerability in the USBCreator D-Bus interface to escalate privileges to root.

May 19, 2021 | by Stefano Lanaro | Leave a comment

CTF Walkthroughs, Hack The Box

Hack The Box – Ready Walkthrough

Introduction

This was an intermediate Linux machine that involved exploiting a remote code execution in GitLab to gain initial access, an exposed root password and a misconfigured docker container to escalate privileges to root.

May 16, 2021 | by Stefano Lanaro | 1 Comment

Learning Material, Reviews

Using Udemy to Learn Penetration Testing

Introduction

Udemy can be a great place for learning or honing many skills, it was one of the first places where I started studying cybersecurity and it definitely helped me a great deal in my journey. This review will show how to best use Udemy to your advantage to learn cybersecurity and penetration testing.

May 16, 2021 | by Stefano Lanaro | Leave a comment

CTF Walkthroughs, TryHackMe

TryHackMe – Overpass Walkthrough

Introduction

This was a very easy Linux machine and the first in the Overpass TryHackMe series. It involved adding a custom cookie to bypass web authentication in order to gain initial access and exploiting a cron job to escalate privileges to root.

May 15, 2021 | by Stefano Lanaro | Leave a comment

CTF Walkthroughs, TryHackMe

TryHackMe – Daily Bugle Walkthrough

Introduction

This was an easy Linux machine that involved exploiting a blind SQL injection vulnerability in Joomla to gain initial access, exposed database credentials to gain user access, and the Yum package manager with Sudo permissions allowed to escalate privileges to root.

May 14, 2021 | by Stefano Lanaro | 2 Comments

Pentesting

Introduction

Introduction

Introduction

Introduction

Introduction

Introduction

Introduction

Introduction

Introduction

Introduction