Hacker Ciso, I broke stuff before (pentester), I automate builds (terraform), and I try to help move the industry. Friend to all. SANS MSISE Grad.
#pentesting #redteam #hacking #ciso #sans #blackhat #decon #terraform #IaC #blueteam #hackthebox #tryhackme
A great writeup on using all hijacking to get the password to keepass.
#infosec #pentesting #DLLInjection #keepass #password
https://twitter.com/skr1x_/status/1632031204743544835?t=kvJbredMu729pLmi3E9RCQ&s=19
#tryhackme #Tryhackme #AdventOfCyber2022 day 17
Todays Topic is again about input filtering, about regex to be exact.
The whole challenge starts with expanations about html5 and regex input filtering.
We get a short explanation on how regex is working and how to construct a regex filter.
THE best regex explanation I have ever read so far I must say. I have tried a couple times to understand regex with no success. TryHackMes explanation is really really good. I finally was able to understand the basics. πβ
We then get a the challenge to use egrep and reg to filter for 3 things inside a text file.
it takes a bit to construct the regex.
What worked for me is I started to filter for the first part see if its works and then add the next filter part and so on. after some trial and error I managed to solve all questions.
I have to say today where again really really awesome challenges πβ
if you havent done so yet: do consider taking part in the TryHackMe Advent of Cyber event. its absolutely worth it π
I've added the #EC2 #AWS templates to the #AWSMastodon repo.
If anyone spots something that looks wrong please let me know. My #terraform-fu is weak.
Sapir on Twitter shared:
Wanted to share my new tool which creates a report for Azure user activity .
this is an initial version, feedback would be appreciated!
https://github.com/sap8899/reportly
https://twitter.com/sapirxfed/status/1592982322881568768?t=JpjIFD5IB2y4clghgmgoZw&s=19
New F5 vuln came out and I find this part interesting:
"We chose the upload_file and create_user_3 endpoints as examples in our PoC, because they demonstrate the impact of the exploit concisely. We didn't find a way to immediately run code on the target host, but our investigation did not include every possible API endpoint."
Their POC would be trivial to modify & use the techniques I blogged about last week. Upload new copies of the /config/failover/*, /config/user_alert.conf or /config/startup files and you've got code execution.
Their implant technique is pretty slick though π
Nice job @iagox86 !
To use #ssh on the instance on #openstack. We will need to add the security group to the instance:
openstack --insecure server add security group myinstance-1 mysecuritygroup
Now on the #openstack host, you can connect to the instance:
ssh -i ./Ourtest_key.pem -o StrictHostKeyChecking=no ubuntu@$IP
Now that only works on accessing the instance via that #openstack host.
I'll update when I figure out how to get then external IP.
Time to create an instance on #openstack:
Now we can create the instance:
openstack --insecure server create --flavor myflavor --image 20.04 --network mynetwork --key-name Ourtest_key --min 2 --max
2 myinstance
Now lets attach a floating IP to external network:
IP=$(openstack --insecure floating ip list | tail -n 2 | head -n 1 | awk '{print $4}')
openstack --insecure server add floating ip myinstance-1 $IP
The first command gets a floating IP and assigns it to IP the second assigns it.
9/x
Time to create security groups on #openstack.
First just create a space for security group:
openstack --insecure security group create mysecuritygroup
Now you can add rules to that security group:
openstack --insecure security group rule create --remote-ip 0.0.0.0/0 --dst-port 22:22 --protocol tcp --ingress mysecuritygroup
So this rule is allowing any ip to connect to port 22 inbound.
9/x
Aeon
Al Sutton
πΊπ¦ Nate Warfieldπ»
Gareth Heyes 
