TryHackMe Injection Walkthrough

by Vince
in Blog
Hits: 1607

The description states:  "Walkthrough of OS Command Injection. Demonstrate OS Command Injection and explain how to prevent it on your servers".

After deploying the machine and reading the first couple of paragraphs, we move into the section titled:  "Blind Command Injection".

Read more

TryHackMe Gatekeeper Walkthrough

by Vince
in Blog
Hits: 4928

The description states:  "Can you get past the gate and through the fire?

Before I jump into this, I'd like to get a couple of things out of the way.  First, If you're doing this box, I assume you can find your way to the binary.  Second, with very few Windows buffer overflow problems on the Internet, it's nice to find another to work on those skills in a controlled environment.  Add this to the short list with SLMail and Brainpan.

Read more

Kerberos Golden Tickets

by Vince
in Blog
Hits: 520

If an attacker were to get on your network, compromise the domain, and takeover the krbtgt account, creating a golden ticket is an almost guaranteed method for persistence as long as you don't reset the password for that account -- twice.  "The password must be changed twice to effectively remove the password history."  I don't know if there's a "best practice" but according to Ping Castle, or at least its implication, we probably want to change it every 60 days.

Read more