WriteUp: HackTheBox Bashed

Bashed is a Linux machine rated easy. We gain access to the user flag via basic enumeration. To get the root flag, we have to escalate privileges by taking advantage of a scheduled cron job that can run without a password being required. Table of Contents ReconnaissanceEnumerationUser FlagPrivilege EscalationRoot FlagDefender's Note Reconnaissance We start off … Continue reading WriteUp: HackTheBox Bashed

My GIAC Certified Forensic Analyst (GCFA) Experience

In late January, I was offered a moderator position via SANS Work Study Program that allowed me to attend the FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics course taught live online by instructor Mat Fuchs. This is a 6 day intensive course that cumulates in a capstone challenge on day 6. Being a … Continue reading My GIAC Certified Forensic Analyst (GCFA) Experience

Writeup: Advent of CTF 5 – Classic

For this challenge, we are required to bypass a login form using a powerful 'hacker tool'. Could the reference to hacker tool simply be a distraction? Again a login form stands in your way. What powerful 'hacker' tool will help you proceed? As usual, we begin by inspecting the source code via Developer tools to … Continue reading Writeup: Advent of CTF 5 – Classic