Posts

Writing your own scripts: a great way to practice

 In the world of Hacking, and even IT, being able to write your own scripts is arguably an essential tool to have. Whether it's bash, powershell, python, etc. knowing even one language enough to write scripts is something you should definitely take time to learn.  So, you might ask what is the point of making these scripts if there are multiple scripts that are already made? There are plenty of script writers who are much better... but there are a few reasons!  One: Practicing with different languages. Although most languages are the same at the basic level writing scripts is a way to get a good and quick understanding of different languages. Programmed something in bash? Try Python. Did it in powershell? Try Go. This exposes you to different languages even if the concept is the same. The idea is getting a good understanding, not practicality. You don't need to write super long programs to get an initial grasp of a language!  Two: Customization Arguably customization is probabl

DEFCON 32: My review as a first time attendee.

 Since the first time I heard about DEFCON (2018, probably before) I have wanted to attend. Due to time and mainly money, I haven't been able to up until now. Thankfully, my job (thank you very much!) paid for most everything an I was able to go this year. I am going to talk about my experience there and some tips for next year if you decide to (hopefully) go! Let's start with the location. I hadn't been to the previous DEFCONs so I didn't know what it was like but this year it was held in the west wing part of the Las Vegas Convention Center. This location is right by multiple hotels (mine was about 10-15 min walk which wasn't too bad), and close to the strip. This center is huge and we were *just* in the west wing part of it. What I enjoyed most about this honestly was the central location. I can imagine walking across multiple hotels would get a bit tiresome. Everything was relatively close and about a 5 minute walk, or 30 second escalator ride. There were... A L

Steghide: An introduction

Image
 JOLT, a hacking CTF located in Little Rock, Arkansas. JOLT 2022 was where I first was introduced to steghide. Steghide is a tool associated with Steganography which according to wikipedia is: ""the practice of representing information within another message or physical object, in such a manner that the presence of the information is not evident to human inspection". So basically hiding information within a picture. And of course if you can hide information in there you can extract information, and hide information that is dangerous." On the kali linux steghide page it says: "Steghide is steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, jpeg, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseud

Vulnerability Spotlight: Type confusion

What is type confusion exactly? And how can it be used to exploit programs? According to the CWE (Common Weakness Enumeration) "Type confusion is when: the program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type. When the program accesses the resource using an incompatible type, this could trigger logical errors because the resource does not have expected properties. In languages without memory safety, such as C and C++, type confusion can lead to out-of-bounds memory access." C and C++ are common examples used because these languages do not have type checking. This allows attackers to potentially exploit type confusion within C/C++ programs, which can lead to code execution. Of course C and C++ are not the only examples, languages with dynamic typing generally (like Perl) have this issue. C++ has 3 main Cast

Post SOTB and Happy New Year :)

Image
 If you missed out on SOTB that really stinks, but also I understand. Shell on the Border happened during new years and man was it an amazing experience. I couldn't attend the speaker part but the ctf was fun. It was at an arcade that had major Mr. Robot vibes. A truly different and awesome experience in the unlikely city of Fort Smith, Arkansas. Want to make a huge shout out Shyft, MoonKaptain, Fie, FractumSeraph, Allee, Fort Smith Arcade, and HackNWA (if I forgot you I am sorry it's not on purpose). All of y'all made this an amazing experience and the work we put it in was definitely seen. I am proud to be apart of FS2600 and I am grateful for the opportunity to be able to help, and to even do some of my first challenges.  I wanted to go over my challenges that I did, just 3, for those that are curious. First of all this being my first time making CTF challenges there were some mistakes on my part. I had made these challenges with a huge assumption of prerequisite knowled

Lessons from help desk part 1

 I love ethical hacking, Cybersecurity, and finding a tasty and juicy vulnerability. However, I think people underestimate the lessons from a very important job: help desk. Help desk is one of those almost "put you through the ringer" type of jobs. It can be soul-sucking, it can be filled with frustration, endless tickets, anxiety, and so on. I think one of the most important things about help desk because of this is to take some lessons in order to understand not only Cybersecurity, IT, and even society as a whole. Let's dig in. The weakest link: the human brain Help desk is basically this: ticket comes in, a user is having an issue that you may or may not know how to fix off the top of your head. You do your best to assist them as urgently and best as possible. This can go a myriad of ways, the user doesn't answer, the user is frustrated and just "wants you to fix it" but is not describing the issue so you have to figure it out, and so on.  One of the thin

An open redirect??? In THIS economy???

 Within the world wide web you have what are called redirections, or forwarding. Redirection is as simple as it sounds: You are browsing to a website and redirects your (or sends you) to a different site. This could be an old URL redirecting you to the new one, a url of a company directing you to the main page, or a malicious redirect. The 3rd one is what we will be discussing today.  Generally, redirects are in the 300 HTTP status code (reference here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/300) and are either 301, 302, or 308. Depending on the website, it will require some action from the user (like logging in).  Within the bug bounty platform open redirects are generally P4 on severity level, and so generally don't offer much in way of bounty or severity. Generally, you want to combine this with something like an XSS, SSRF, CSRF, etc to make it much higher impact, and higher bounty. But open redirects are easy to teach and understand and so they are hunted quit