Mastodawn

Alright, now that I expressed my frustration over the lack of awareness in the @offsec community Discord, I will provide a fair, unbiased review of the platform after trying my first box.

Coming from Hack the Box, it definitely feels a little less gamified and more like real-world application (so far), although HTB is still a little similar. On HTB, I have noticed that a lot of boxes have default admin accounts whereas OffSec appears to have stripped that out (at least so far). Default credentials do still happen in the wild, but it is nice to have that more realistic feel to it.

The user.txt not being the actual user flag tripped me up at first but then I quickly noticed another txt file next to it. I definitely had some HTB tunnel vision there at first. Having the little message encoded in the user.txt file was cool. I definitely liked that.

I am assuming there is probably a sound when you pop a box but I just realize I hadn't configured my conf file for dmic_detect on this fresh install yet, so my sound wasn't working.

Overall, I would give the feel of the platform a solid 8.5/10. You just need to tell your community mods not to blindly defend random users with federal employee look-alike usernames when someone "jokingly" calls it larp so people are on guard. I don't think your community mod understands what "harassment" is. Raising valid concern regarding threat indicators is not "harassment."

#offsec #ctf #review #cybersecurity #pentesting #EthicalHacking

ZeroTrustWraith Jun 11

Well, my 8U 10" home lab rack is finally completed.

Luckily there are no power bricks involved but my PDU does have several wall warts plugged into it.

Also, my Raspberry Pi cluster and the switch both exit out the front, but the layout alignment was completely wrong. Plus, a single 0.5U patch panel was too far away for short cable runs, and I refused to snake thick Cat6 from back-to-front in such a tight space.

The solution? I stacked two 0.5U panels to fill a 1U gap, using the second one as a literal front-facing data bridge. To avoid severe bends on the 0.5ft patch cables, I offset the connections by two keystones diagonally. It naturally curves the cables, relieves port tension, looks incredibly clean, and standard Gigabit doesn’t care about the extra hop.

It’s not stupid if it works

Full layout:

Bottom frame: There's a 12V 120mm fan on the bottom with a dust cover for air intake/cooling.

It's a GeeekPi fan but I may upgrade it to something a little more powerful later on.

1U & 2U: Pi cluster right above the 120mm fan to help ensure they don't get cooked by having other equipment below them.

1x Pi for IDS Tripwire
2x Pi on separate VLAN with strict rules to mess with OWASP Juice Shop and other pen testing environments.

3U: 2x 0.5U patch panels

4U: 8 port managed switch

5U: vent panel

6U & 7U: Protectli Vault w/ stateful firewall and IPS

8U: vent panel

The PDU is on the back (2U) with a blank panel below it to help create a chimney effect for the fan and a brush panel above it where the power cord comes out.

#HomeLab #Networking #RaspberryPi

ZeroTrustWraith Jun 11

⚠️ Disclaimer: For educational use only. All activities shown were performed legally on an authorized CTF platform. Unauthorized access to systems is illegal and carries severe criminal penalties.

This video demonstrates a Time-of-Check to Time-of-Use (TOCTOU) race condition exploit (CVE-2026-3888), which was a key component of the "Snapped" machine on Hack The Box.

"Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS" (Common Vulnerabilities and Exposures, 2026).

https://www.cve.org/CVERecord?id=CVE-2026-3888

#EthicalHacking #offsec #penetrationtesting #Linux #cybersecurity