I like to write about my insights from my training on Hack The Box, TryHackMe, and OffSec, exploring offensive security techniques and real-world scenarios. Here are some of my favorite posts that made it onto the blog.
After the mashine is deployed we check the source-code of the website but here is nothing interesting to find. So let’s move forward with our basic procedere run nmap and gobuster to check for open ports and directorys on the web-server. As result we found a open Ports for ssh, ftp and httpd. For ssh …
While infilatrating a system it is mostly necessary no escalate your privileges to another user or the root user. While learning about priv-esc on linux-system I often used a simple technique which is based on misconfigured binarys. For example if a lower priv user is allowed to run a program with sudo and no password …
First of all, we run our basic scans to check for open ports and directories on our target. While this scans run we have a look at the web-page, but there is nothing interesting to find. Nmap found some open ports, so let’s try if we can log in with some default credentials. SSH doesn’t …
Introduction Early this year I switched my SFFB from the Cooler-Master NR200P to the SSUPD Meshlicious. First with a single 280mm Radiator for CPU and GPU. A few weeks ago I added a second radiator to reduce the water-temperature under load a bit. This worked totally fine but the space between the GPU was not …
Since the launch of Ryzen 5000 in 20th November 2020 many people struggling with the temperatures of the current Ryzen-CPU’s. Other the years people figured out many ways to squeeze the best possible performance out of their CPU’s. The way to do this with Ryzen-Master to find the sweet spot for each core is a …
While seting up a new VM on my workstation I ran in a couple of errors while trying to run hashcat. Mostly the error appears with Ryzen cpu’s, since I run a Ryzen 5900X I have to figure out what fixes the error. In short, here is the clear step by step way. Symtoms While …
This room has took me some time and I noticed that my solution is a little bit different to the other writeups about this room, so feel free to check my solution. First of all we have to check the IP in our browser if there is a website where we can get some information …
Introduction If you want to use Linux on Windows, a VM is still a good alternative to WSL. Recently I’ve had massive performance problems with my Linux VM’s after installing WSL. Some workarounds are presented below. Symptoms The problems were massively noticed by the following abnormalities. VM is freezing while boot My Kali-VM has partial …
What is Nessus? Nessus is a vulnerability scanner like OpenVAS. Nessus scans your target for open ports, wrong file permissions, known vulnerabilities, etc. Everythinig is presented in a good-looking and clear GUI with nice additional features like report exporting, different presets for specific scans and monitoring. Install Nessus First of all, you have to register …
What is Vagrant Vagrant is a free tool to create and manage virtual machines. It shorts the process of searching for an OS-Image to install and configure in a single command. Vagrant is very similar to docker but the difference is Vagrant is perfect for the automated and reproducible creation of virtual machines. Docker, on …