As you walk down the street, you approach a home with an ADT sign and you notice a pair of surveillance cameras.  As you pass the home, you also notice the doors, windows, and garage door are all closed, and a sign posted on the gate to the side yard reads:  "Beware of Dog". 

A few doors down, you pass another home without any visible signs for an alarm company and as far as you can tell, no surveillance cameras.  As you complete your pass of this second home, you notice the gate and garage door are both wide open.  In the garage, you can see three bicycles, a set of golf clubs, and a BMW with the driver side window rolled down. 

Read more: Low Hanging Fruit

I banged my head a bit on this one.  The low privilege shell was quick but the privilege escalation had me twisting for a while.  This box is definitely a mixture of standard exploitation with a CTF twist.  CTF is not really my thing but I enjoyed this box.  It was clever and there were some components to it that are truer to life than some of the boxes that don't seem to have a purpose other than being a target.  

Read more: Vulnhub Bob: 1.0.1 Walkthrough

This will sound like a walk-through for Kioptrix1 but it didn't start off that way.  While scanning a server, I saw the following:

+ mod_ssl/2.8.4 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell.

When you search for:  mod_ssl exploit

The first result is 764.c on Exploit-DB.  Out of the box, when you compile it, it throws a bunch of errors which sometimes means nothing but in this case, it didn't result in an exploitation.  I assumed this was due to the age of this exploit and when I went searching, I found a few articles on how to repair this exploit to make it work in the modern day.

Read more: mod_ssl Remote Buffer Overflow

If you don't already use the web site "have i been pwned?", you should. It's a solid resource for checking your accounts for possible compromise.  Basically, you enter your email address, it will search through its database, and if your address shows up in its list, it will spit out the compromised sites and the details of the breach.  

Another feature of the site is the ability to check a password against their list of compromised passwords.  There are about 580 million passwords in their database and while you think "l33thacker" is solid, their database says it's been found 55 times.

Read more: Checking for Pwned Passwords

With most things technology, if you don't use it, you lose it.  I was once an MSSQL DBA but after taking and passing the certification, I never used it -- and then lost it.  I can hack my way around SQL but I wouldn't call myself a database administrator.  If you don't want to lose it, keep honing your skills, keep learning new things, and with pentesting, keep popping boxes.  You step away from it for just a short period of time and you're rusty.  

This is a skill I do not want to lose and that's why I find spare time to get after these boxes appearing on Vulnhub.  Practice, practice, practice!  

Read more: Vulnhub zico2: 1 Walkthrough

From time to time companies go through audits for various reasons.  In some cases, we’re the party performing the audit.  In other cases, a third party is performing the audit and we’re a participant from the technical team.  It’s a mixed bag because audits aren’t fun.  And no matter when you schedule them, it’s an inconvenience.  Rarely do I see both parties genuinely interested in the process or the outcome.  And let’s be honest, someone is questioning someone else’s ability to do their job.

That said, having been on the frontline of a disaster recovery or two has taught me to take audits seriously.  Particularly when it comes to backups because a company can survive many obstacles but data loss typically isn’t one of them. 

Read more: A Restore Solution